Results 1 to 2 of 2

Thread: Authenticating to external ldap server

Hybrid View

  1. #1
    Join Date
    May 2012
    Salt Lake City
    Rep Power

    Default Authenticating to external ldap server

    First of all, I am very inexperience with mail server administration setup etc.
    Our company currently have an old mail server running in production with qmail along with courier-imap, and openldap for user authentication.

    after doing some research I found Zimbra to be a good candidate to move to from our old qmail MTA which is not longer supported to Zimbra.

    I have setup a new 64 bit VM server for testing purposes running redhat 6 operating system.
    1. - I installed zimbra
    2. - created a user account in zimbra that matches one of the accounts on the current mail server and send a couple of e-mails for testing and sending e-mails work
    3. - used imapsync to sync a user account mailbox from current qmail server to zimbra and it works fine.
    4. - Since our current qmail users authenticate through openldap server which is running on the same box as the qmal server. from the admin console in zimbra I would like to connect to this openldap server.
    5. - After providing all the information such as the: ldaps://10.x.x.x port 636 SSL %u as the ldap filter the ldap bind username and password as well as an ldap user name and password to test settings. It does not work. I get the below error message:

    How do I import a certificate from the current openldap server to the new server where zimbra is installed?

    avax.naming.CommunicationException: simple bind failed: [Root exception is PKIX path building failed: xception: unable to find valid certification path to requested target]
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClie
    at com.sun.jndi.ldap.LdapCtx.connect( 0)
    at com.sun.jndi.ldap.LdapCtx.<init>(
    at com.sun.jndi.ldap.LdapCtxFactory.gezmprov mcf zimbraImapCleartextLoginEnabled TRUE
    zmprov mcf zimbraPop3CleartextLoginEnabled TRUE
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Ldap
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext (
    at javax.naming.spi.NamingManager.getInitialContext(N
    at javax.naming.InitialContext.getDefaultInitCtx(Init
    at javax.naming.InitialContext.init(InitialContext.ja va:223)
    at javax.naming.ldap.InitialLdapContext.<init>(Initia
    at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(
    at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(
    at com.zimbra.cs.account.ldap.ZimbraLdapContext.<init >(
    at com.zimbra.cs.account.ldap.LdapUtil.ldapAuthentica te(
    at com.zimbra.cs.account.ldap.Check.checkAuthConfig(C
    at com.zimbra.cs.service.admin.CheckAuthConfig.handle (
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:287)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:158)
    at com.zimbra.soap.SoapServlet.doWork(SoapServlet.jav a:303)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:217)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:725)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:814)
    at org.mortbay.jetty.servlet.ServletHolder.handle(Ser
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(
    at com.zimbra.cs.servlet.SetHeaderFilter.doFilter(Set
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(
    at org.mortbay.servlet.UserAgentFilter.doFilter(UserA
    at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter .java:132)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(
    at org.mortbay.jetty.servlet.ServletHandler.handle(Se
    at org.mortbay.jetty.servlet.SessionHandler.handle(Se
    at org.mortbay.jetty.handler.ContextHandler.handle(Co
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebA
    at org.mortbay.jetty.handler.ContextHandlerCollection .handle(
    at org.mortbay.jetty.handler.HandlerCollection.handle (
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha
    at org.mortbay.jetty.handler.rewrite.RewriteHandler.h andle(
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha
    at org.mortbay.jetty.handler.DebugHandler.handle(Debu
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha
    at org.mortbay.jetty.Server.handle(
    at org.mortbay.jetty.HttpConnection.handleRequest(Htt
    at org.mortbay.jetty.HttpConnection$ ntent(
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser. java:756)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpPa
    at org.mortbay.jetty.HttpConnection.handle(HttpConnec
    at org.mortbay.thread.BoundedThreadPool$ n(
    Caused by: PKIX path building failed: xception: unable to find valid certification path to requested target
    at n(
    at erCertificate(
    at essMessage(
    at p(
    at cord(
    at ord(
    at InitialHandshake(
    at aRecord(
    at 20)
    Caused by: PKIX path building failed: xception: unable to find valid certification path to requested target

  2. #2
    Join Date
    May 2012
    Salt Lake City
    Rep Power


    If I use ldap server name = IP address of openldap server
    ldap port number = 389
    ldap filter = %u
    ldap search base = empty

    the bind external user name and password.
    user name & password to test authentication settings.

    I get this error:
    javax.naming.InvalidNameException: [LDAP: error code 34 - invalid DN]

    Not sure what I am doing wrong or why this is failing..

    Thanks for your help.

Similar Threads

  1. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  2. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 04:29 AM
  3. Authentication to external ldap stop working.
    By jahaj in forum Installation
    Replies: 3
    Last Post: 12-05-2006, 02:17 PM
  4. External LDAP - Users can't log in
    By bjimerson in forum Administrators
    Replies: 4
    Last Post: 08-20-2006, 01:27 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts