Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Users can login

  1. #1
    TrinityEMS is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    7

    Default Users can login

    Sorry, that's users CANNOT login. We are just starting our migration to Zimbra. All users have accounts, but only those with Administrator permissions can log into their webmail. We are not using LDAP authentication. Any ideas?
    Last edited by TrinityEMS; 07-24-2008 at 07:22 AM. Reason: bad subject

  2. #2
    soxfan is offline Moderator
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Default

    You say you are not using LDAP authentication. Does that mean you are using the Zimbra Internal authentication?

    I'd start by looking in /opt/zimbra/log/mailbox.log for clues on why the regular users can't login.

  3. #3
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Welcome to the forums

    Are you able to login if you use user@domain.com or the short name of just user ?

  4. #4
    TrinityEMS is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    7

    Default

    Actually, normal users are using LDAP. It seems that once a user is switched to Administrator, they do not use LDAP to login, so that was confusing. Users cannot login using user@domain.com or user.

  5. #5
    TrinityEMS is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    7

    Default

    When a user attempts to login, I get this in the /opt/zimbra/log/maillog.log:

    2008-07-23 12:53:46,208 INFO [btpool0-0] [ua=zclient/5.0.4_GA_2101.RHEL5;oip=10.18.53.166;] SoapEngine - handler exception: authentication failed for user@domain.com, external LDAP auth failed, [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 525, v893^@]

  6. #6
    soxfan is offline Moderator
    Join Date
    Mar 2006
    Location
    Massachusetts
    Posts
    965
    Rep Power
    10

    Default

    I don't use LDAP authentication, but it sounds like a configuration issue with the LDAP set-up.

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,582
    Rep Power
    57

    Default

    Quote Originally Posted by TrinityEMS View Post
    Actually, normal users are using LDAP. It seems that once a user is switched to Administrator, they do not use LDAP to login, so that was confusing. Users cannot login using user@domain.com or user.
    Have you actually created the use accounts in Zimbra? You'll need to provision them in Zimbre before they will be able to login.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    TrinityEMS is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    7

    Default

    yes, the users are all configured in Zimbra with local passwords, but the GAL and the authentication are set for Active Directory. I have not been able to get any authentication scheme to test properly using either the GAL test or the Authentication test.

  9. #9
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,582
    Rep Power
    57

    Default

    Well, in that case the authentication error you've posted above is correct. You would appear to have a problem with the credentials you're passing to AD. Have a look at the DN you need to pass and modify them in the authentication wizard, see this wiki article for finding the DN: LDAP Active Directory - Zimbra :: Wiki
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  10. #10
    TrinityEMS is offline Member
    Join Date
    Jul 2008
    Posts
    11
    Rep Power
    7

    Default

    Still having problems. I confirmed the proper DN using the ADSI Edit tool, so I still don't know why this is failing. I have the following settings which were based on another implementation that is working fine:

    GAL mode: External
    Most results returned by GAL search: 100
    Server type: LDAP
    LDAP filter:* (|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))
    Autocomplete filter: (|(cn=%s*)(sn=%s*)(gn=%s*)(mail=%s*))
    LDAP search base: dc=domain,dc=local
    LDAP URL: ldap://trinity.domain.local:3268
    Bind DN: cn=administrator,cn=users,dc=domain,dc=local

    Authentication mechanism: External Active Directory
    LDAP bind DN template: %u@domain.local
    LDAP URL: ldap://trinity.domain.local:389

    I'm lost as to why this would not be working. Please help.
    Last edited by TrinityEMS; 07-25-2008 at 12:56 PM.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Last login times for users
    By Kent17 in forum Administrators
    Replies: 5
    Last Post: 04-23-2008, 01:28 PM
  2. Login showing wrong users email
    By gfdos.sys in forum Administrators
    Replies: 10
    Last Post: 04-08-2008, 08:13 AM
  3. [SOLVED] Export users, last login, cos and quota
    By NOZIL in forum Administrators
    Replies: 2
    Last Post: 10-16-2007, 07:39 PM
  4. Can Ldap autheticate user's system login
    By bylong in forum Installation
    Replies: 6
    Last Post: 07-04-2007, 09:01 PM
  5. get a login user's phone number from GAL
    By Yokomie in forum Zimlets
    Replies: 0
    Last Post: 04-16-2007, 12:21 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •