 OSX LDAP search string for Zimbra authentication
Hi,
We've got ZCS 5 running on an OSX 10.5 server. It seems to work OK, and the users have been provisioned and Mail migrated fine.
However, external LDAP authentication cannot be made to work at all.
The LDAP master is another OSX 10.5 server, which works fine as well. It's a straight up installation - only file and directory services are installed on the machine, no other apps.
Other applications can browse the LDAP list, so I think Zimbra's problem is that I cannot find a LDAP Filter string that works.
More specifically :
If in the "External LDAP Authentication Configuration Wizard" I put as an LDAP filter "uid=%u" or "mail=%u@domain.tld" when I run the test, I get :
javax.naming.AuthenticationException: empty search
at com.zimbra.cs.account.ldap.LdapUtil.ldapAuthentica te(LdapUtil.java:151)
at com.zimbra.cs.account.ldap.Check.checkAuthConfig(C heck.java:158)
at com.zimbra.cs.service.admin.CheckAuthConfig.handle (CheckAuthConfig.java:46)
at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:410)
at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:267)
at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:159)
at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:266)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:727)
at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:188)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:820)
at org.mortbay.jetty.servlet.ServletHolder.handle(Ser vletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1093)
at org.mortbay.servlet.UserAgentFilter.doFilter(UserA gentFilter.java:81)
at org.mortbay.servlet.GzipFilter.doFilter(GzipFilter .java:132)
at org.mortbay.jetty.servlet.ServletHandler$CachedCha in.doFilter(ServletHandler.java:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(Se rvletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle( SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(Se ssionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(Co ntextHandler.java:716)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebA ppContext.java:406)
at org.mortbay.jetty.handler.ContextHandlerCollection .handle(ContextHandlerCollection.java:211)
at org.mortbay.jetty.handler.HandlerCollection.handle (HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:139)
at org.mortbay.jetty.handler.rewrite.RewriteHandler.h andle(RewriteHandler.java:350)
at org.mortbay.jetty.handler.HandlerWrapper.handle(Ha ndlerWrapper.java:139)
at org.mortbay.jetty.Server.handle(Server.java:313)
at org.mortbay.jetty.HttpConnection.handleRequest(Htt pConnection.java:506)
at org.mortbay.jetty.HttpConnection$RequestHandler.co ntent(HttpConnection.java:844)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser. java:644)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpPa rser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnec tion.java:381)
at org.mortbay.io.nio.SelectChannelEndPoint.run(Selec tChannelEndPoint.java:396)
at org.mortbay.thread.BoundedThreadPool$PoolThread.ru n(BoundedThreadPool.java:442)
When it comes time to test against a user that is known to exist in the directory.
I can muck about with other Filter strings, and maybe get a different error message, but they're all about as useful.
If anyone has suggestions, I'd love to hear them.
Thanks,
Last edited by djnephew; 07-31-2008 at 07:15 AM..
Reason: Added clarification.
| 
Bugzilla
Wiki
Source
Linear Mode
