# Thread: install problem with FC4: LDAP: error code 49 - Invalid Credentials

1. Member
Join Date
Sep 2005
Posts
10
Rep Power
9

## install problem with FC4: LDAP: error code 49 - Invalid Credentials

Hi,

I have been following the various posts for FC4 and made some progress accordingly:
- sym links for the crypto libs
- mysql config for systems with little RAM

now I am stuck with LDAP authentication. I get an authentication error when I try to check the LDAP config.

[zimbra@godavari conf]\$ zmprov gas
ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])

My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
Is there a way to fix it by hand?

Another question is how to start a clean install.
I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
Is there a cleaner way of doing it?

regards,

Arnaud

2. Originally Posted by sahuguet
My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
Is there a way to fix it by hand?
zmldappasswd should be able to reset it. change both the user level and use the --root option to change the ldap password.

Originally Posted by sahuguet
Another question is how to start a clean install.
I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
Is there a cleaner way of doing it?
install.sh -u

This will remove everything. I suggest you try this if you've tried multiple installs. Best way to clean up and start fresh.

3. Member
Join Date
Sep 2005
Posts
10
Rep Power
9

## making some progress ...

The LDAP credential error has disappeared.

For some reasons, I cannot start the services using zmcontrol start.
I have to start them "manually":
- ldap start
- mysql.server start
- tomcat start

I get the following error in the zimbra.log file:

Code:
2005-09-13 00:52:15,764 INFO  [main] [] soap - Servlet SoapServlet starting up
2005-09-13 00:52:16,409 INFO  [main] [] misc - version=2005.0.0_39.FC3 release=1_ARMSTRONG builddat
e=20050829-1058 buildhost=wolfowitz.liquidsys.com
2005-09-13 00:52:17,538 FATAL [main] [] soap - Unable to start servlet
java.lang.RuntimeException: Error communicating with LDAP
at com.zimbra.cs.util.Zimbra.checkLDAP(Zimbra.java:86)
at com.zimbra.cs.util.Zimbra.startup(Zimbra.java:117)
at com.zimbra.soap.SoapServlet.init(SoapServlet.java:77)
And I have checked that my slapd server is running.

Is there a way to check that the LDAP server is properly configured?
With mysql, I can use the zmmysqlstatus command.

Is there something similar with LDAP?
Otherwise, is there a ldapsearch command I could try to check that things are working fine?

regards,

Arnaud

4. One quick check is to telnet to port 389

telnet 0 389

See if ldap is actually bound to that port.

5. Member
Join Date
Sep 2005
Posts
10
Rep Power
9
LDAP is running.

I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

For instance, I would like to retrieve some user info:
Code:
[root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: SASL(-14): authorization failure: unable authorization ID
For the password, I am using the one I provided during the install for admin@.

regards,

Arnaud

6. Expert Member
Join Date
Sep 2005
Posts
2,103
Rep Power
13

## zmprov

zmprov gas - if ldap is working, that will return a server list.

I suspect that the problem is credentials, and you need to reset the password with zmldappassword

Originally Posted by sahuguet
LDAP is running.

I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

For instance, I would like to retrieve some user info:
Code:
[root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Insufficient access (50)
additional info: SASL(-14): authorization failure: unable authorization ID
For the password, I am using the one I provided during the install for admin@.

regards,

Arnaud

7. Expert Member
Join Date
Sep 2005
Posts
2,103
Rep Power
13

## wrong password

Originally Posted by sahuguet
LDAP is running.

For the password, I am using the one I provided during the install for admin@.

regards,

Arnaud
Just saw this - that's not the ldap password.

The ldap password can be retrieved via zmlocalconfig -s zimbra_ldap_password

#### Thread Information

##### Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

#### Posting Permissions

• You may not post new threads
• You may not post replies
• You may not post attachments
• You may not edit your posts
•