Results 1 to 6 of 6

Thread: authenticating zimbra against Active Directory 2003

  1. #1
    khiloc is offline Junior Member
    Join Date
    Jan 2009
    Posts
    5
    Rep Power
    6

    Default authenticating zimbra against Active Directory 2003

    Hello all!!!

    What a great software.....
    Currently installing OS 7.1

    domain: domain.net
    server: mail.domain.net
    is in DMZ


    got AD server running in LAN (subnet different from DMZ and behind a FW)

    LAN Active Directory: domain.local


    how can i manage to get zimbra authenticating against this AD??

    just tried but keep getting this error:

    connection refused

    javax.naming.CommunicationException: 192.168.0.10:3268 [Root exception is java.net.ConnectException: Connection timed out]
    at com.sun.jndi.ldap.Connection.<init>(Connection.jav a:200)
    at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.jav a:118)
    at com.sun.jndi.ldap.LdapClient.getInstance(LdapClien t.java:1580)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:265 2)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:293)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapC txFactory.java:175)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Ldap CtxFactory.java:193)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstanc e(LdapCtxFactory.java:136)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext (LdapCtxFactory.java:66)
    at javax.naming.spi.NamingManager.getInitialContext(N amingManager.java:667)
    at javax.naming.InitialContext.getDefaultInitCtx(Init ialContext.java:288)
    at javax.naming.InitialContext.init(InitialContext.ja va:223)
    at javax.naming.ldap.InitialLdapContext.<init>(Initia lLdapContext.java:134)
    at com.zimbra.cs.account.ldap.ZimbraLdapContext.ldapA uthenticate(ZimbraLdapContext.java:622)
    at com.zimbra.cs.account.ldap.LdapUtil.ldapAuthentica te(LdapUtil.java:94)
    at com.zimbra.cs.account.ldap.Check.checkAuthConfig(C heck.java:177)
    at com.zimbra.cs.service.admin.CheckAuthConfig.handle (CheckAuthConfig.java:45)
    at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:412)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:287)
    at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:158)
    at com.zimbra.soap.SoapServlet.doWork(SoapServlet.jav a:294)
    at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:215)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:725)
    at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:208)
    at javax.servlet.http.HttpServlet.service(HttpServlet .java:814)
    at org.mortbay.jetty.servlet.ServletHolder.handle(Ser vletHolder.java:511)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1166)
    at com.zimbra.cs.servlet.SetHeaderFilter.doFilter(Set HeaderFilter.java:79)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1157)
    at org.mortbay.servlet.UserAgentFilter.doFilter(UserA gentFilter.java:81)
    at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter .java:132)
    at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1157)
    at org.mortbay.jetty.servlet.ServletHandler.handle(Se rvletHandler.java:388)
    at org.mortbay.jetty.security.SecurityHandler.handle( SecurityHandler.java:218)
    at org.mortbay.jetty.servlet.SessionHandler.handle(Se ssionHandler.java:182)
    at org.mortbay.jetty.handler.ContextHandler.handle(Co ntextHandler.java:765)
    at org.mortbay.jetty.webapp.WebAppContext.handle(WebA ppContext.java:422)
    at org.mortbay.jetty.handler.ContextHandlerCollection .handle(ContextHandlerCollection.java:230)
    at org.mortbay.jetty.handler.HandlerCollection.handle (HandlerCollection.java:114)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:152)
    at org.mortbay.jetty.handler.rewrite.RewriteHandler.h andle(RewriteHandler.java:230)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:152)
    at org.mortbay.jetty.handler.DebugHandler.handle(Debu gHandler.java:77)
    at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:152)
    at org.mortbay.jetty.Server.handle(Server.java:326)
    at org.mortbay.jetty.HttpConnection.handleRequest(Htt pConnection.java:583)
    at org.mortbay.jetty.HttpConnection$RequestHandler.co ntent(HttpConnection.java:986)
    at org.mortbay.jetty.HttpParser.parseNext(HttpParser. java:756)
    at org.mortbay.jetty.HttpParser.parseAvailable(HttpPa rser.java:218)
    at org.mortbay.jetty.HttpConnection.handle(HttpConnec tion.java:414)
    at org.mortbay.io.nio.SelectChannelEndPoint.run(Selec tChannelEndPoint.java:429)
    at org.mortbay.thread.BoundedThreadPool$PoolThread.ru n(BoundedThreadPool.java:451)
    Caused by: java.net.ConnectException: Connection timed out
    at java.net.PlainSocketImpl.socketConnect(Native Method)
    at java.net.PlainSocketImpl.doConnect(PlainSocketImpl .java:351)
    at java.net.PlainSocketImpl.connectToAddress(PlainSoc ketImpl.java:213)
    at java.net.PlainSocketImpl.connect(PlainSocketImpl.j ava:200)
    at java.net.SocksSocketImpl.connect(SocksSocketImpl.j ava:366)
    at java.net.Socket.connect(Socket.java:529)
    at sun.reflect.GeneratedMethodAccessor6.invoke(Unknow n Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(De legatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.sun.jndi.ldap.Connection.createSocket(Connecti on.java:339)
    at com.sun.jndi.ldap.Connection.<init>(Connection.jav a:187)
    ... 51 more

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by khiloc View Post
    how can i manage to get zimbra authenticating against this AD??

    just tried but keep getting this error:

    connection refused
    I would guess as the AD server is on a different LAN and behind a firewall you have a routing problem or the firewall is blocking access to AD or the AD server isn't accepting connections. Can you telnet to the AD server from your Zimbra server? If not I'd suggest you ask your networking Admin or the Admin of the AD server what the problem is likely to be.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    khiloc is offline Junior Member
    Join Date
    Jan 2009
    Posts
    5
    Rep Power
    6

    Default

    yes tried telneting from zimbra in dmz to AD on wich port???
    have tried
    telnet 192.168.0.10 3268
    telnet 192.168.0.10 389


    both not working

    but i'm the network admin myself and have open everything on the FW

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by khiloc View Post
    yes tried telneting from zimbra in dmz to AD on wich port???
    Active Directory is really an LDAP server so the default port it listens on is ..... 389.

    Quote Originally Posted by khiloc View Post
    but i'm the network admin myself and have open everything on the FW
    Are you also the Admin of the AD server? The fact you get a connection refused means that the service is up and running but not accepting connections. Other than that I have no idea of your AD configuration so I can't offer specific advice on the resolution. You could have a look at some of these threads and see if there's a solution: +"active directory" +"lconnection refused" - Yahoo! Search Results
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    khiloc is offline Junior Member
    Join Date
    Jan 2009
    Posts
    5
    Rep Power
    6

    Default

    ok

    tested from the lan and the server is respondin on port 389

    so going to check deeper on my FW...

    by the way if ldap port is 388 by default, so why in zimbra web admin interface, where we configure ad auth stuff the put in port 3268???

  6. #6
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by khiloc View Post
    by the way if ldap port is 388 by default, so why in zimbra web admin interface, where we configure ad auth stuff the put in port 3268???
    Port 3268 is the Global Catalogue.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. fatal: parameter "smtpd_recipient_restrictions"
    By Robin in forum Administrators
    Replies: 8
    Last Post: 12-22-2010, 05:48 AM
  2. Replies: 10
    Last Post: 10-05-2010, 05:53 PM
  3. zmperditionctl start asking for password
    By k7sle in forum Administrators
    Replies: 32
    Last Post: 02-20-2008, 11:13 AM
  4. Big Fubar on 5 FOSS GA Upgrade
    By uxbod in forum Administrators
    Replies: 24
    Last Post: 01-21-2008, 03:37 AM
  5. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •