Results 1 to 10 of 12

Thread: GAL error

Hybrid View

  1. #1
    Join Date
    Oct 2005
    Posts
    46
    Rep Power
    10

    Question GAL search error

    I'm trying to get GAL integration with AD to to work. I think I have the correct DN in the setting. When I run a test on the letter A the search succeeds and lists all entries with the letter A. However, if I type thing more specific (like Al) the search fails. This is in the Configure GAL section in the admin UI. This is the error when trying to search for Al (in the end I want to be able to say search for Alex):

    avax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: exonline.intranet:389 [Root exception is java.net.ConnectException: Connection refused]]
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:224)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Ld apNamingEnumeration.java:171)
    at com.zimbra.cs.account.ldap.LdapUtil.searchLdapGal( LdapUtil.java:823)
    at com.zimbra.cs.account.ldap.Check.checkGalConfig(Ch eck.java:190)
    at com.zimbra.cs.service.admin.CheckGalConfig.handle( CheckGalConfig.java:58)
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:255)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:163)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:84)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:228)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:709)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:154)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107)
    at org.apache.catalina.valves.AccessLogValve.invoke(A ccessLogValve.java:541)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11 ConnectionHandler.processConnection(Http11BaseProt ocol.java:667)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.naming.CommunicationException: exonline.intranet:389 [Root exception is java.net.ConnectException: Connection refused]
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapR eferralContext.java:74)
    at com.sun.jndi.ldap.LdapReferralException.getReferra lContext(LdapReferralException.java:132)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:339)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    ... 30 more
    Caused by: java.net.ConnectException: Connection refused
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl .java:333)
    at java.net.PlainSocketImpl.connectToAddress(PlainSoc ketImpl.java:195)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.j ava:182)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.j ava:366)
    at java.net.Socket.connect(Socket.java:507)
    at sun.reflect.GeneratedMethodAccessor33.invoke(Unkno wn Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at com.sun.jndi.ldap.Connection.createSocket(Connecti on.java:333)
    at com.sun.jndi.ldap.Connection.<init>(Connection.jav a:181)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.jav a:118)
    at com.sun.jndi.ldap.LdapClientFactory.createPooledCo nnection(LdapClientFactory.java:44)
    at com.sun.jndi.ldap.pool.Connections.<init>(Connecti ons.java:97)
    at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Po ol.java:114)
    at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(Ld apPoolManager.java:310)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClien t.java:1572)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:259 6)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapC txFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(LdapCtxFactory.java:134)
    at com.sun.jndi.url.ldap.ldapURLContextFactory.getObj ectInstance(ldapURLContextFactory.java:35)
    at javax.naming.spi.NamingManager.getURLObject(Naming Manager.java:584)
    at javax.naming.spi.NamingManager.processURL(NamingMa nager.java:364)
    at javax.naming.spi.NamingManager.processURLAddrs(Nam ingManager.java:344)
    at javax.naming.spi.NamingManager.getObjectInstance(N amingManager.java:316)
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapR eferralContext.java:93)
    ... 33 more


    When I do a search when logged in as a user I get the following error:

    javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: exonline.intranet:389 [Root exception is java.net.ConnectException: Connection refused]]
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:224)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:362)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Ld apNamingEnumeration.java:171)
    at com.zimbra.cs.account.ldap.LdapUtil.searchLdapGal( LdapUtil.java:823)
    at com.zimbra.cs.account.ldap.Check.checkGalConfig(Ch eck.java:190)
    at com.zimbra.cs.service.admin.CheckGalConfig.handle( CheckGalConfig.java:58)
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:255)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:163)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:84)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:228)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:709)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:154)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:213)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107)
    at org.apache.catalina.valves.AccessLogValve.invoke(A ccessLogValve.java:541)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:869)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11 ConnectionHandler.processConnection(Http11BaseProt ocol.java:667)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:527)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.naming.CommunicationException: exonline.intranet:389 [Root exception is java.net.ConnectException: Connection refused]
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapR eferralContext.java:74)
    at com.sun.jndi.ldap.LdapReferralException.getReferra lContext(LdapReferralException.java:132)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:339)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    ... 30 more
    Caused by: java.net.ConnectException: Connection refused
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl .java:333)
    at java.net.PlainSocketImpl.connectToAddress(PlainSoc ketImpl.java:195)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.j ava:182)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.j ava:366)
    at java.net.Socket.connect(Socket.java:507)
    at sun.reflect.GeneratedMethodAccessor33.invoke(Unkno wn Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at com.sun.jndi.ldap.Connection.createSocket(Connecti on.java:333)
    at com.sun.jndi.ldap.Connection.<init>(Connection.jav a:181)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.jav a:118)
    at com.sun.jndi.ldap.LdapClientFactory.createPooledCo nnection(LdapClientFactory.java:44)
    at com.sun.jndi.ldap.pool.Connections.<init>(Connecti ons.java:97)
    at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Po ol.java:114)
    at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(Ld apPoolManager.java:310)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClien t.java:1572)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:259 6)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapC txFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(LdapCtxFactory.java:134)
    at com.sun.jndi.url.ldap.ldapURLContextFactory.getObj ectInstance(ldapURLContextFactory.java:35)
    at javax.naming.spi.NamingManager.getURLObject(Naming Manager.java:584)
    at javax.naming.spi.NamingManager.processURL(NamingMa nager.java:364)
    at javax.naming.spi.NamingManager.processURLAddrs(Nam ingManager.java:344)
    at javax.naming.spi.NamingManager.getObjectInstance(N amingManager.java:316)
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapR eferralContext.java:93)
    ... 33 more
    Last edited by alexz; 04-21-2006 at 06:35 AM.
    Sincerely,

    Alex

  2. #2
    Join Date
    Nov 2005
    Posts
    518
    Rep Power
    11

    Default

    >Caused by: javax.naming.CommunicationException: exonline.intranet:389 [Root exception is java.net.ConnectException: Connection refused]
    >
    exonline.intranet is AD? what happens if you "telnet exonline.intranet 389"?

  3. #3
    Join Date
    Oct 2005
    Posts
    46
    Rep Power
    10

    Default

    Quote Originally Posted by bobby
    exonline.intranet is AD? what happens if you "telnet exonline.intranet 389"?
    Yes. exonline.intranet is an AD forest. It's not a fqdn so I can't telnet to it.

    Here is the GAL config as entered into the wizard:

    GAL mode: External, most results =100
    Server type= Active Directory
    LDAP URL: dc.exonline.intranet (AD appears automatically in the LDAP filter and dc=exonline,dc=intranet appears under LDAP search base). Port 389 is selected
    GAL Settings: bind DN: cn=zimbra,ou=External,dc=exonline,dc=intranet
    (In AD there is an OU callled External and the user account Zimbra is in the External OU)
    Bind password: zimbra (same as in AD)

    Next screen is the test screen. In the search term field I enter
    "A" - no quotes. I get responses. I enter "Al" and the errors you saw appear.

    I also tried using the Administrator account in the Users container. Same result. I can search by one letter but not by a word.
    Last edited by alexz; 04-21-2006 at 02:24 PM.
    Sincerely,

    Alex

  4. #4
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    You must use the FQDN of the AD machine. Zimbra will need to connect and hence needs a value that is FQDN and can be resolved in DNS.
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  5. #5
    Join Date
    Oct 2005
    Posts
    46
    Rep Power
    10

    Question

    Quote Originally Posted by KevinH
    You must use the FQDN of the AD machine. Zimbra will need to connect and hence needs a value that is FQDN and can be resolved in DNS.
    Hi, Kevin - Where in the wizard does the FQDN go? I listed all the options on the GAL wizard on my post above. If you're referring the FQDN of the domain controller I did list it as dc.exonline.net and it answers on port 389. Note that if I use just one character (like A) the test does the search succesfully and returns a list of entries that start with A. However, when I add characters beyond A then I get the error. So I know that Zimbra server authenticates to the AD server and it knows how to query it.

    Maybe the question us how do I make the query append "dc" to "exonline.intranet:389", which is what the first part of the error references?
    Last edited by alexz; 04-21-2006 at 07:17 PM.
    Sincerely,

    Alex

  6. #6
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    The first error you posted was a connection error. So it seems you've solved that. What error are you getting now?
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

Similar Threads

  1. Replies: 23
    Last Post: 01-24-2013, 03:44 PM
  2. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 01:42 AM
  3. M3 problem with shares
    By titangears in forum Users
    Replies: 4
    Last Post: 01-12-2006, 01:01 PM
  4. Replies: 14
    Last Post: 12-22-2005, 04:59 PM
  5. Building native libraries on MacOS X
    By ajmas in forum Developers
    Replies: 3
    Last Post: 10-15-2005, 12:00 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •