[SOLVED] upgrade 4.5.6 > 5.0GA unable to bind to ldap

[captainmish]

Hello

I am trying to upgrade a test server to 5.0GA from 4.5.6 (NE) on ubuntu 6.06. The initial install and then restore of the live data went fine, and everything worked as expected (running the test in a vmware guest).

I then ran the 5.0 install.sh as root, and proceeded to upgrade. The process seems to go fine, but then starts giving errors:

Unable to bind to ldap://serveraddy:389 with password PASSWORD:
in the logs

and

ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.Authentication... could not scroll back to console output, so dont know how this ends, but its similar to the log message)

It eventually gets to the configuration menu (setting defaults from existing config...) and then has almost no config settings, with the error

Address unconfigured (**) items or correct ldap configuration

Anyone seen this, or have any ideas? Now that the upgrade is half way, I cant go and reset the ldap password. Does it keep the autogenerated ldap password from setup, or is this restored from the backups during a restore (if so, I can just use the live server's password)

Any ideas appreciated!

[JHill]

Had the same problem, ended up being resolved by a support engineer...

[captainmish]

thanks jhill, any idea what they did? spose i might have to use one of those tickets then...

[JHill]

Unfortunately, I don't know for sure. They logged in to our server and fixed it.

They sent along this:
"The syntax for zmldappassword has changed for 5.0 (you may have noticed this), though it still wasn't working for the zimbra admin dn, so I set the ldap password manually. I think everything is running ok now. Check it out and let me know if there are still any problems."

At that point, I ran back through /opt/zimbra/libexec/zmsetup.pl, which ran fine. Had a couple issues after that with commercial certs, but the fixes for those have been covered pretty well in the forums.

[captainmish]

Cool, thanks - the ldappasswd was a clue - i reset the ldap password with this, and then killed a straggling slapd process, it seems to be getting further than before now

[quanah]

Unfortunately, in the 4.5.x release series, it was possible for the password stored in LDAP for the admin user to be incorrect, as it was never actually used. This is because the admin user was also the LDAP rootdn user. 5.0 splits that out so that the rootdn user and the admin user are different. Unforutnately, this is exposing the fact that in some cases, the LDAP database password for the admin user was not set correctly in the past.

--Quanah