External LDAP user can not login on web

[surasit_a]

I set up ldap server
ip 10.70.15.23
and zimbra 10.70.15.24

i set up GAL
LDAP filter cn=*%s*
LDAP search base : dc=test,dc=tcom

and set up authentication
LDAP filter cn=%u
LDAP search base : dc=test,dc=com

it set complete

but problem user can not login to web for check mail
Please help me

Thank you verymuch

[p24t]

Welcome to the forums. Sometimes it helps to know what version you're running, you can find out by running "zmcontrol -v".

The GAL should be internally created by Zimbra, you shouldn't need to modify that unless you have a specific reason.

Now, your LDAP server is configured differently than mine, but here is how my auth is set up:

Code:

Authentication mechanism: 	
External LDAP
LDAP bind DN template: 	
LDAP URL: 	ldap://ldap:389
LDAP filter: 	uid=%u
LDAP search base: 	ou=people,dc=domain,dc=com
Use DN/Password to bind to external server: 	No

What is the error? If the Test works during the authentication config, then it should be working fine. Check your error logs in /opt/zimbra/log to see if there are any issues.

[surasit_a]

Quote:

Originally Posted by p24t

Welcome to the forums. Sometimes it helps to know what version you're running, you can find out by running "zmcontrol -v".

The GAL should be internally created by Zimbra, you shouldn't need to modify that unless you have a specific reason.

Now, your LDAP server is configured differently than mine, but here is how my auth is set up:

Code:

Authentication mechanism: 	
External LDAP
LDAP bind DN template: 	
LDAP URL: 	ldap://ldap:389
LDAP filter: 	uid=%u
LDAP search base: 	ou=people,dc=domain,dc=com
Use DN/Password to bind to external server: 	No

What is the error? If the Test works during the authentication config, then it should be working fine. Check your error logs in /opt/zimbra/log to see if there are any issues.

Thank you for you answer
my zimbra version zcs-5.0.5_GA_2201.RHEL5.22080417012110.tgz
zmcontrol -v
release 5.0.5_GA_2201.RHEL5.22080417012110 RHEL5 FOSS Edition

and
uthentication mechanism:
External LDAP
LDAP bind DN template:
LDAP URL: ldap://10.70.15.23:389
LDAP filter: uid=%u
LDAP search base: dc=test,dc=com
Use DN/Password to bind to external server: Yes
Bind DN: cn=Manager,dc=test,dc=com

Thank you very much for reply

[p24t]

Well I assume your LDAP config is correct, if the test works properly. Can you tell us what kind of error the user is getting, is anyone able to log in, and are there any errors in the logs? Log Files - Zimbra :: Wiki

[surasit_a]

Quote:

Originally Posted by p24t

Well I assume your LDAP config is correct, if the test works properly. Can you tell us what kind of error the user is getting, is anyone able to log in, and are there any errors in the logs? Log Files - Zimbra :: Wiki

when i want to check mail in webbase e-mail
i login with username and password
but can not login to webbase email

[surasit_a]

Quote:

Originally Posted by p24t

Well I assume your LDAP config is correct, if the test works properly. Can you tell us what kind of error the user is getting, is anyone able to log in, and are there any errors in the logs? Log Files - Zimbra :: Wiki

this is part of audit.log in /opt/zimbra/log

2008-06-16 10:47:22,152 WARN [btpool0-5] [ua=zclient/5.0.5_GA_2201.RHEL5;oip=10.70.15.24;] security - cmd=Auth; account=surasit@test.com; protocol=soap; error=authentication failed for surasit@test.com, external LDAP auth failed, empty search;
2008-06-16 10:47:22,402 WARN [btpool0-5] [ua=zclient/5.0.5_GA_2201.RHEL5;oip=10.70.15.24;] security - cmd=Auth; account=surasit@test.com; protocol=soap; error=authentication failed for surasit@test.com, external LDAP auth failed, empty search;
2008-06-16 10:47:22,652 WARN [btpool0-5] [ua=zclient/5.0.5_GA_2201.RHEL5;oip=10.70.15.24;] security - cmd=Auth; account=surasit@test.com; protocol=soap; error=authentication failed for surasit@test.com, external LDAP auth failed, empty search;
2008-06-16 10:48:47,995 WARN [btpool0-5] [ua=zclient/5.0.5_GA_2201.RHEL5;oip=10.70.15.24;] security - cmd=Auth; account=surasit@test.com; protocol=soap; error=authentication failed for surasit@test.com, external LDAP auth failed, empty search;
2008-06-16 10:48:54,168 INFO [btpool0-7] [name=admin@test.com;ip=10.70.15.24;ua=ZimbraWebCli ent - FF3.0 (Linux);] security - cmd=DeleteAccount; name=surasit@test.com; id=9f1a6503-1b1c-4cb8-8d7a-30c40827faaa;

thank you for reply

[p24t]

According to that error, it's not finding the account in your external LDAP. Can you try running the same search manually to see if you get any results? Also, is this the user that you did the Test with during the LDAP configuration? And I assume that you've created the corresponding surasit user in your external LDAP server?

[surasit_a]

Thank you p24t for reply
When i config in domain > test.com > authentication or GAL
I can search user surasit in external ldap
and i ldapsearch in ldap server i can found user surasit in server