Results 1 to 4 of 4

Thread: Ldap error after migrating from 5.x to 6.x

  1. #1
    elesouef is offline Active Member
    Join Date
    Nov 2006
    Posts
    28
    Rep Power
    8

    Default Ldap error after migrating from 5.x to 6.x

    Hi,

    After migrating from Zimbra Opensource Edition 5.x to 6.x (which went well), I have a problem when querying OpenLdap with Java (tomcat6/java6). The query fails with the following Ldap error :

    LDAP Error 2 : [LDAP: error code 2 - manageDSAit control value not absent]

    It only concerns Java/JNDI applications.

    Do you have some ideas ?

    Thanks for your help.

  2. #2
    elesouef is offline Active Member
    Join Date
    Nov 2006
    Posts
    28
    Rep Power
    8

    Default

    Sorry to ask again but is there someone to help ?

    If I use an Openldap server from Debian Squeeze, my JNDI apps authenticate well.

    It appears to be related to OpenLDAP from Zimbra 6...

    Thanks for your help.

  3. #3
    dhape is offline Intermediate Member
    Join Date
    Sep 2011
    Posts
    15
    Rep Power
    3

    Default

    Did you make any configuration file customization?
    Do you have any ACLs applied to RootDSE entry?
    Did you try connecting without SSL?

  4. #4
    elesouef is offline Active Member
    Join Date
    Nov 2006
    Posts
    28
    Rep Power
    8

    Default

    Quote Originally Posted by dhape View Post
    Did you make any configuration file customization?
    Not at all.
    Quote Originally Posted by dhape View Post
    Do you have any ACLs applied to RootDSE entry?
    There are 10 ACLs applied for the whole Zimbra HDB Database :
    Code:
    olcAccess: {0}to attrs=userPassword  by anonymous auth  by dn.children="cn=ad
     mins,cn=zimbra" write
    olcAccess: {1}to dn.subtree="cn=zimbra"  by dn.children="cn=admins,cn=zimbra"
     write
    olcAccess: {2}to attrs=zimbraZimletUserProperties,zimbraGalLdapBindPassword,z
     imbraGalLdapBindDn,zimbraAuthTokenKey,zimbraPreAuthKey,zimbraPasswordHistory
     ,zimbraIsAdminAccount,zimbraAuthLdapSearchBindPassword  by dn.children="cn=a
     dmins,cn=zimbra" write  by * none
    olcAccess: {3}to attrs=objectclass  by dn.children="cn=admins,cn=zimbra" writ
     e by dn.base="uid=zmpostfix,cn=appaccts,cn=zimbra" read  by dn.base="uid=zma
     mavis,cn=appaccts,cn=zimbra" read  by * read
    olcAccess: {4}to attrs=@amavisAccount  by dn.children="cn=admins,cn=zimbra" w
     rite  by dn.base="uid=zmamavis,cn=appaccts,cn=zimbra" read  by * +0 break
    olcAccess: {5}to attrs=mail  by dn.children="cn=admins,cn=zimbra" write  by d
     n.base="uid=zmamavis,cn=appaccts,cn=zimbra" read  by * +0 break
    olcAccess: {6}to attrs=zimbraAllowFromAddress  by dn.children="cn=admins,cn=z
     imbra" write  by dn.base="uid=zmpostfix,cn=appaccts,cn=zimbra" read  by * no
     ne
    olcAccess: {7}to filter="(!(zimbraHideInGal=TRUE))"  attrs=cn,co,company,dc,d
     isplayName,givenName,gn,initials,l,mail,o,ou,physicalDeliveryOfficeName,post
     alCode,sn,st,street,streetAddress,telephoneNumber,title,uid  by dn.children=
     "cn=admins,cn=zimbra" write  by dn.base="uid=zmpostfix,cn=appaccts,cn=zimbra
     " read  by * read
    olcAccess: {8}to attrs=zimbraId,zimbraMailAddress,zimbraMailAlias,zimbraMailC
     anonicalAddress,zimbraMailCatchAllAddress,zimbraMailCatchAllCanonicalAddress
     ,zimbraMailCatchAllForwardingAddress,zimbraMailDeliveryAddress,zimbraMailFor
     wardingAddress,zimbraPrefMailForwardingAddress,zimbraMailHost,zimbraMailStat
     us,zimbraMailTransport,zimbraDomainName,zimbraDomainType,zimbraPrefMailLocal
     DeliveryDisabled  by dn.children="cn=admins,cn=zimbra" write  by dn.base="ui
     d=zmpostfix,cn=appaccts,cn=zimbra" read  by * read
    olcAccess: {9}to attrs=entry  by dn.children="cn=admins,cn=zimbra" write  by 
     * read
    olcAccess: {10}to dn.base=""  by * read
    Quote Originally Posted by dhape View Post
    Did you try connecting without SSL?
    For testing purpose, I don't use SSL nor TLS.

    I heard somewhere that this may be related to security contexts in OpenLdap 2.4. Could it be a Zimbra customization of OpenLdap building ?

    Thanks for your help. Really appreciated.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. LDAP problems after migrating from 6 to 7.1
    By nrodionov in forum Administrators
    Replies: 4
    Last Post: 07-07-2011, 06:31 AM
  2. LDAP Cannot bind on migration to new server
    By neekster in forum Migration
    Replies: 23
    Last Post: 03-09-2009, 02:08 AM
  3. Migrating from Postfix + LDAP to Zimbra
    By augustobsb in forum Administrators
    Replies: 2
    Last Post: 04-15-2008, 07:01 AM
  4. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  5. Migrating Accounts from LDAP with Encrypted Passwords
    By andreychek in forum Administrators
    Replies: 3
    Last Post: 12-16-2005, 03:40 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •