Results 1 to 9 of 9

Thread: Active Directory GAL help

  1. #1
    Join Date
    Nov 2005
    Posts
    26
    Rep Power
    10

    Default Active Directory GAL help

    I need some help getting the GAL setup for my active directory domain. The domain is a Windows 2003 native domain. I follow the setup wizard and enter the binddn of administrator however when I test my GAL settings I get the following Check.FAILURE error:

    javax.naming.PartialResultException [Root exception is javax.naming.CommunicationException: ad.lsky.ca:389 [Root exception is java.net.UnknownHostException: ad.lsky.ca]]
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:224)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMore(Ld apNamingEnumeration.java:171)
    at com.zimbra.cs.account.ldap.LdapUtil.searchLdapGal( LdapUtil.java:774)
    at com.zimbra.cs.account.ldap.Check.checkGalConfig(Ch eck.java:190)
    at com.zimbra.cs.service.admin.CheckGalConfig.handle( CheckGalConfig.java:58)
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:249)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:163)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:84)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:226)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:709)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:148)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
    at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:252)
    at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173)
    at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:214)
    at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:178)
    at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:126)
    at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105)
    at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107)
    at org.apache.catalina.valves.AccessLogValve.invoke(A ccessLogValve.java:526)
    at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:148)
    at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:825)
    at org.apache.coyote.http11.Http11Protocol$Http11Conn ectionHandler.processConnection(Http11Protocol.jav a:738)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:526)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:80)
    at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
    at java.lang.Thread.run(Thread.java:595)
    Caused by: javax.naming.CommunicationException: ad.lsky.ca:389 [Root exception is java.net.UnknownHostException: ad.lsky.ca]
    at com.sun.jndi.ldap.LdapReferralContext.<init>(LdapR eferralContext.java:74)
    at com.sun.jndi.ldap.LdapReferralException.getReferra lContext(LdapReferralException.java:132)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreRef errals(LdapNamingEnumeration.java:339)
    at com.sun.jndi.ldap.LdapNamingEnumeration.hasMoreImp l(LdapNamingEnumeration.java:208)
    ... 26 more
    Caused by: java.net.UnknownHostException: ad.lsky.ca
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.j ava:177)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.j ava:364)
    at java.net.Socket.connect(Socket.java:507)
    at sun.reflect.GeneratedMethodAccessor32.invoke(Unkno wn Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at com.sun.jndi.ldap.Connection.createSocket(Connecti on.java:333)
    at com.sun.jndi.ldap.Connection.<init>(Connection.jav a:181)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.jav a:118)
    at com.sun.jndi.ldap.LdapClientFactory.createPooledCo nnection(LdapClientFactory.java:44)
    at com.sun.jndi.ldap.pool.Connections.<init>(Connecti ons.java:97)
    at com.sun.jndi.ldap.pool.Pool.getPooledConnection(Po ol.java:114)
    at com.sun.jndi.ldap.LdapPoolManager.getLdapClient(Ld apPoolManager.java:310)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClien t.java:1572)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:259 6)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapC txFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(LdapCtxFactory.java:134)
    at com.sun.jndi.url.ldap.ldapURLContextFactory.
    And yes, I've read the adminos pdf and still no luck.
    Last edited by jmeier; 11-29-2005 at 03:58 PM.

  2. #2
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default host unknown

    Can the zimbra box resolve the hostname you gave it?
    java.net.UnknownHostException: ad.lsky.ca]]

  3. #3
    Join Date
    Nov 2005
    Posts
    26
    Rep Power
    10

    Default

    Quote Originally Posted by marcmac
    Can the zimbra box resolve the hostname you gave it?
    java.net.UnknownHostException: ad.lsky.ca]]
    Yes. I am able to do an ldapsearch on it as well as a zmprov.

  4. #4
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default name resolution

    Sometimes, the ldap commands will not use DNS, where the system will - can you run:
    host <hostname> on that hostname, and verify that it resolves in DNS?

  5. #5
    Join Date
    Nov 2005
    Posts
    26
    Rep Power
    10

    Default

    Quote Originally Posted by marcmac
    Sometimes, the ldap commands will not use DNS, where the system will - can you run:
    host <hostname> on that hostname, and verify that it resolves in DNS?
    Would this also affect the authentication portion of the setup as well? because that works perfectly. In resolv.conf i have the IP address of the domain controller hosting ad.lsky.ca as the main domain server and I have verified that it works by performing nslookups.

    If this is a DNS issue what else can I check to make sure everything is setup properly?

    As far as the GAL setup goes I enter in my AD servers (in this case two, a primary and a backup - 10.196.161.10 and 10.196.161.11), I enter the bind dn of administrator@ad.lsky.ca.

  6. #6
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by jmeier
    If this is a DNS issue what else can I check to make sure everything is setup properly?
    On the Zimbra box run:


    host ad.lsky.ca
    Looking for new beta users -> Co-Founder of Acompli. Previously worked at Zimbra (and Yahoo! & VMware) since 2005.

  7. #7
    Join Date
    Nov 2005
    Posts
    26
    Rep Power
    10

    Default

    Quote Originally Posted by KevinH
    On the Zimbra box run:


    host ad.lsky.ca
    [root@zimbra ~]# host ad.lsky.ca
    ad.lsky.ca has address 10.196.161.10
    ad.lsky.ca has address 10.196.161.11

  8. #8
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default 2 addresses?

    Why is it returning 2 addresses?

  9. #9
    Join Date
    Nov 2005
    Posts
    26
    Rep Power
    10

    Default

    Quote Originally Posted by marcmac
    Why is it returning 2 addresses?
    Because I have a primary and backup domain controller. The problem is fixed now. I rebooted my domain controller an I am now able to search the GAL.

Similar Threads

  1. Replies: 1
    Last Post: 05-28-2008, 05:18 AM
  2. GAL not working with Active Directory
    By ardiederich in forum Installation
    Replies: 13
    Last Post: 02-12-2008, 08:01 PM
  3. centos 5 zimbra 4.5.6 no statistics
    By rutman286 in forum Installation
    Replies: 9
    Last Post: 08-14-2007, 10:30 AM
  4. GAL with Active Directory
    By robrusso in forum Installation
    Replies: 1
    Last Post: 07-31-2006, 11:34 AM
  5. Active Directory GAL Problem
    By TheZog in forum Installation
    Replies: 5
    Last Post: 04-06-2006, 06:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •