Results 1 to 7 of 7

Thread: [SOLVED] error in ldap auth

  1. #1
    glimpse79 is offline Senior Member
    Join Date
    Oct 2008
    Posts
    50
    Rep Power
    6

    Default [SOLVED] error in ldap auth

    Hi to all,

    i try to migrate the auth of zimbra user from internal to External LDAP, my ldap server run openLdap, and

    ldapsearch -xLLL -H ldap://<myserver> -b "<my basename>"

    works great...

    but when i try to bind zimbra to ldap i get this error (even if the credential are correct):

    javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.jav a:2985)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCt x.java:2931)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCt x.java:2732)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:264 6)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapC txFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Ldap CtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext (LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(N amingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(Init ialContext.java:247)
    at javax.naming.InitialContext.init(InitialContext.ja va:223)
    at javax.naming.ldap.InitialLdapContext.<init>(Initia lLdapContext.java:134)
    at com.zimbra.cs.account.ldap.ZimbraLdapContext.ldapA uthenticate(ZimbraLdapContext.java:441)
    at com.zimbra.cs.account.ldap.LdapUtil.ldapAuthentica te(LdapUtil.java:117)
    at com.zimbra.cs.account.ldap.LdapUtil.ldapAuthentica te(LdapUtil.java:154)
    at com.zimbra.cs.account.ldap.Check.checkAuthConfig(C heck.java:170)
    at com.zimbra.cs.service.admin.CheckAuthConfig.handle (CheckAuthConfig.java:46)
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:411)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:268)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:160)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:269)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:727)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:189)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:820)
    at org.mortbay.jetty.servlet.ServletHolder.handle(Ser vletHolder.java:487)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1093)
    at org.mortbay.servlet.UserAgentFilter.doFilter(UserA gentFilter.java:81)
    at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter .java:132)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1084)
    at org.mortbay.jetty.servlet.ServletHandler.handle(Se rvletHandler.java:360)
    at org.mortbay.jetty.security.SecurityHandler.handle( SecurityHandler.java:216)
    at org.mortbay.jetty.servlet.SessionHandler.handle(Se ssionHandler.java:181)
    at org.mortbay.jetty.handler.ContextHandler.handle(Co ntextHandler.java:716)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebA ppContext.java:406)
    at org.mortbay.jetty.handler.ContextHandlerCollection .handle(ContextHandlerCollection.java:211)
    at org.mortbay.jetty.handler.HandlerCollection.handle (HandlerCollection.java:114)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:139)
    at org.mortbay.jetty.handler.rewrite.RewriteHandler.h andle(RewriteHandler.java:350)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:139)
    at org.mortbay.jetty.Server.handle(Server.java:313)
    at org.mortbay.jetty.HttpConnection.handleRequest(Htt pConnection.java:506)
    at org.mortbay.jetty.HttpConnection$RequestHandler.co ntent(HttpConnection.java:844)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser. java:644)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpPa rser.java:205)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnec tion.java:381)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(Selec tChannelEndPoint.java:396)
    at org.mortbay.thread.BoundedThreadPool$PoolThread.ru n(BoundedThreadPool.java:442)



    any ideas?


    thanks, L.

  2. #2
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    is your ldap server setup for anonymous binding, and is zimbra set for that as well? Usually that error isn't reflecting a failed login of a user account, but rather the error in the user you're trying to bind to the ldap server with in order to facilitate the authentication.

  3. #3
    glimpse79 is offline Senior Member
    Join Date
    Oct 2008
    Posts
    50
    Rep Power
    6

    Default

    Quote Originally Posted by bdial View Post
    is your ldap server setup for anonymous binding, and is zimbra set for that as well? Usually that error isn't reflecting a failed login of a user account, but rather the error in the user you're trying to bind to the ldap server with in order to facilitate the authentication.
    when i try to manually "ldapsearch" i did not bind any user, so "i think" that my ldap support anonymous binding...

  4. #4
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    yeah i woudl guess it does. Under the zimbra ldap authentication configuration do you have the setting Use DN/Password to bind to external server: on like the 3rd page on or off?

  5. #5
    glimpse79 is offline Senior Member
    Join Date
    Oct 2008
    Posts
    50
    Rep Power
    6

    Default

    Quote Originally Posted by bdial View Post
    yeah i woudl guess it does. Under the zimbra ldap authentication configuration do you have the setting Use DN/Password to bind to external server: on like the 3rd page on or off?
    off

    but in the last page if a do not put user/pass the error become "empty password"

  6. #6
    bdial's Avatar
    bdial is offline Moderator
    Join Date
    Jul 2007
    Location
    Baltimore
    Posts
    1,649
    Rep Power
    11

    Default

    it should work because like you say using ldapsearch is doing an anonymous bind. Maybe as a test try turning bind dn/password on and binding as the admin user for your openldap server.

    turning on debug on your openldap and looking at the syslog messages on there could help track down the problem too.

  7. #7
    glimpse79 is offline Senior Member
    Join Date
    Oct 2008
    Posts
    50
    Rep Power
    6

    Default

    i find the solution.. i have put a wrong filter for users

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 08-07-2008, 05:18 AM
  2. External LDAP Auth with TLS
    By bvsantos in forum Administrators
    Replies: 1
    Last Post: 05-13-2008, 09:20 AM
  3. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  4. Zimbra + Samba LDAP auth problems
    By fajarpri in forum Installation
    Replies: 3
    Last Post: 07-04-2007, 11:39 PM
  5. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •