Results 1 to 7 of 7

Thread: install problem with FC4: LDAP: error code 49 - Invalid Credentials

Hybrid View

  1. #1
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    10

    Default install problem with FC4: LDAP: error code 49 - Invalid Credentials

    Hi,

    I have been following the various posts for FC4 and made some progress accordingly:
    - sym links for the crypto libs
    - mysql config for systems with little RAM

    now I am stuck with LDAP authentication. I get an authentication error when I try to check the LDAP config.

    [zimbra@godavari conf]$ zmprov gas
    ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])


    My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
    Is there a way to fix it by hand?

    Another question is how to start a clean install.
    I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
    Is there a cleaner way of doing it?

    regards,

    Arnaud

  2. #2
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    Quote Originally Posted by sahuguet
    My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
    Is there a way to fix it by hand?
    zmldappasswd should be able to reset it. change both the user level and use the --root option to change the ldap password.


    Quote Originally Posted by sahuguet
    Another question is how to start a clean install.
    I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
    Is there a cleaner way of doing it?
    install.sh -u

    This will remove everything. I suggest you try this if you've tried multiple installs. Best way to clean up and start fresh.

  3. #3
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    10

    Default making some progress ...

    The LDAP credential error has disappeared.

    For some reasons, I cannot start the services using zmcontrol start.
    I have to start them "manually":
    - ldap start
    - mysql.server start
    - tomcat start

    I get the following error in the zimbra.log file:

    Code:
    2005-09-13 00:52:15,764 INFO  [main] [] soap - Servlet SoapServlet starting up
    2005-09-13 00:52:16,409 INFO  [main] [] misc - version=2005.0.0_39.FC3 release=1_ARMSTRONG builddat
    e=20050829-1058 buildhost=wolfowitz.liquidsys.com
    2005-09-13 00:52:17,538 FATAL [main] [] soap - Unable to start servlet
    java.lang.RuntimeException: Error communicating with LDAP
            at com.zimbra.cs.util.Zimbra.checkLDAP(Zimbra.java:86)
            at com.zimbra.cs.util.Zimbra.startup(Zimbra.java:117)
            at com.zimbra.soap.SoapServlet.init(SoapServlet.java:77)
    And I have checked that my slapd server is running.

    Is there a way to check that the LDAP server is properly configured?
    With mysql, I can use the zmmysqlstatus command.

    Is there something similar with LDAP?
    Otherwise, is there a ldapsearch command I could try to check that things are working fine?

    regards,

    Arnaud

  4. #4
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    19

    Default

    One quick check is to telnet to port 389

    telnet 0 389


    See if ldap is actually bound to that port.

  5. #5
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    10

    Default

    LDAP is running.

    I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

    For instance, I would like to retrieve some user info:
    Code:
    [root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
    SASL/DIGEST-MD5 authentication started
    Please enter your password: 
    ldap_sasl_interactive_bind_s: Insufficient access (50)
            additional info: SASL(-14): authorization failure: unable authorization ID
    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud

  6. #6
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default zmprov

    zmprov gas - if ldap is working, that will return a server list.

    I suspect that the problem is credentials, and you need to reset the password with zmldappassword

    Quote Originally Posted by sahuguet
    LDAP is running.

    I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

    For instance, I would like to retrieve some user info:
    Code:
    [root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
    SASL/DIGEST-MD5 authentication started
    Please enter your password: 
    ldap_sasl_interactive_bind_s: Insufficient access (50)
            additional info: SASL(-14): authorization failure: unable authorization ID
    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud

  7. #7
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    14

    Default wrong password

    Quote Originally Posted by sahuguet
    LDAP is running.


    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud
    Just saw this - that's not the ldap password.

    The ldap password can be retrieved via zmlocalconfig -s zimbra_ldap_password

Similar Threads

  1. Multi Server Installation
    By rsharpe in forum Installation
    Replies: 6
    Last Post: 07-11-2007, 10:53 PM
  2. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 07:45 AM
  3. Installation Problem - Possibly LDAP
    By geroshea in forum Installation
    Replies: 5
    Last Post: 03-16-2007, 05:47 AM
  4. Mac OSX install: Java errors & LDAP CA error
    By jefbear in forum Installation
    Replies: 9
    Last Post: 12-16-2006, 03:39 PM
  5. LDAP Invalid Credentials on install
    By rory_d in forum Installation
    Replies: 1
    Last Post: 09-30-2005, 09:51 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •