Reconfiguring LDAP Authentication

[jonspurs]

Hi All,
I've done a search but couldn't find an exact answer.
Our previous network manager has set up Zimbra to authenticate against a Microsoft Active Directory. Now this all works fine, but soon we are having an upgrade of our DC with a new server name.

So I thought I'd check what auth settings we currently have, and to edit the server LDAP list.

Thing is though, I've gone into admin console > domains > configure authentication, and it is set to 'External Active Directory', with our server URL there already and port 3268. But when I type in a standard username/password in the next screen, the TEST fails:

Authentication test failed Server message: Authentication failed. Invalid credentials (bad dn/password)

zimbra javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

...with more lines.

So I'm totally confused - how is it currently logging in users against AD when this test of the current settings says failed?

Is there a file on the zimbra server where I can see what the current settings are for LDAP authentication?

Or if anyone has ideas, I'd appreciate your help.
Thank you for your time,
Jon

[bdial]

they're domain attributes. i'm not sure what they're called when doing active directory but for ldap authentication you can see the attributes by doing

Code:

zmprov getDomain mydomain.com | grep -i ldap

some of hte first attributes are ones like

Code:

zimbraAuthLdapSearchBase: dc=mydomain,dc=com
zimbraAuthLdapSearchFilter: (uid=%u)
zimbraAuthLdapURL: ldap://ldap.mydomain.com:389
zimbraAuthMech: ldap

if you just do the zmprov getDomain mydomain.com without the grep it'll print out all domain attributes so you can parse through by hand and try to find the ones you need, theres a lot.