Results 1 to 3 of 3

Thread: External LDAP authentication problem

  1. #1
    Join Date
    May 2007
    Posts
    1
    Rep Power
    8

    Default External LDAP authentication problem

    Hello,
    I am testing zimbra on my centos 4.4 "sandbox" machine. The installation ended well.
    I can login the webmail and the administration panel with the default "admin" local user.
    I try to set up an external authentication.
    So I tried this:
    Code:
    Authentication mechanism: 	External LDAP
    LDAP bind DN template: 	
    LDAP URL: 	ldap://192.168.*.*:389
    LDAP filter: 	uid=%u
    LDAP search base: 	dc=**,dc=com
    Use DN/Password to bind to external server: 	Yes
    Bind DN: cn=**,dc=**,dc=com
    It works perfectly in the latest test page. But I cannot login with my LDAP users. Here is a trace of the log:
    Code:
    2007-05-14 14:34:41,518 INFO  [http-80-Processor97] [ua=zclient/4.5.5_GA_838.RHEL4;ip=127.0.0.1;] SoapEngine - handler exception
    com.zimbra.cs.account.AccountServiceException: authentication failed for mchamboredon@**.com
            at com.zimbra.cs.account.AccountServiceException.AUTH_FAILED(AccountServiceException.java:87)
            at com.zimbra.cs.service.account.Auth.handle(Auth.java:111)
            at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:270)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:168)
            at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:90)
            at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:223)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
            at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:162)
            at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
            at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
            at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
            at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
            at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
            at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
            at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
            at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
            at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)
            at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
            at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
            at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)
            at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
            at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
            at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
            at java.lang.Thread.run(Thread.java:595)
    This a fresh "zcs-4.5.5_GA_838.RHEL4.tgz" install which wasn't tweaked.
    I tied with "mchamboredon" but also "mchamboredon@domain.com" as login... The result is the same.
    What could you advice me to solve this problem ?

  2. #2
    Join Date
    Feb 2006
    Location
    France (Haute-Savoie)
    Posts
    123
    Rep Power
    9

    Default

    I had a similar problem : I tried to authenticate with the alias name ... it doesn't work ! You need to authenticate with the username.

    If you want to authenticate with your alias name, replace username by alias, and vice versa.

  3. #3
    Join Date
    Dec 2006
    Posts
    184
    Rep Power
    9

    Default

    We just got this same issue with a user. We have two message stores and are switching them between.

    COS-A is on SERVER-A
    COS-B is on SERVER-B

    Right now we moved the user's COS from COS-A to COS-B but apparently the account was closed before.

    The user can log in in SERVER-A, but if he tries to log in on SERVER-B he gets and error (an mailbox shows the dump as above).

    It's not password (the mailbox log dump is different and clearly shows invalid password), and we have several other users that were moved from COS...
    Last edited by su_A_ve; 01-16-2008 at 10:17 AM.

Similar Threads

  1. external ldap authentication over SSL problem
    By eyablon in forum Administrators
    Replies: 2
    Last Post: 05-05-2014, 04:44 AM
  2. External LDAP with GSSAPI authentication method
    By izvictor in forum Installation
    Replies: 17
    Last Post: 03-11-2009, 09:14 AM
  3. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 05:29 AM
  4. External LDAP Authentication Issue
    By xtreme-one in forum Installation
    Replies: 10
    Last Post: 02-16-2007, 07:52 PM
  5. Authentication to external ldap stop working.
    By jahaj in forum Installation
    Replies: 3
    Last Post: 12-05-2006, 03:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •