Results 1 to 7 of 7

Thread: install problem with FC4: LDAP: error code 49 - Invalid Credentials

  1. #1
    sahuguet is offline Member
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    9

    Default install problem with FC4: LDAP: error code 49 - Invalid Credentials

    Hi,

    I have been following the various posts for FC4 and made some progress accordingly:
    - sym links for the crypto libs
    - mysql config for systems with little RAM

    now I am stuck with LDAP authentication. I get an authentication error when I try to check the LDAP config.

    [zimbra@godavari conf]$ zmprov gas
    ERROR: service.FAILURE (system failure: getDirectContext) (cause: javax.naming.AuthenticationException [LDAP: error code 49 - Invalid Credentials])


    My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
    Is there a way to fix it by hand?

    Another question is how to start a clean install.
    I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
    Is there a cleaner way of doing it?

    regards,

    Arnaud

  2. #2
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    18

    Default

    Quote Originally Posted by sahuguet
    My guess is that with the various installs I have done, the LDAP password might be out of sync between two components (e.g. LDAP server and Java app).
    Is there a way to fix it by hand?
    zmldappasswd should be able to reset it. change both the user level and use the --root option to change the ldap password.


    Quote Originally Posted by sahuguet
    Another question is how to start a clean install.
    I am doing \rm -r /opt/zimbra and then a re-install via install.sh.
    Is there a cleaner way of doing it?
    install.sh -u

    This will remove everything. I suggest you try this if you've tried multiple installs. Best way to clean up and start fresh.

  3. #3
    sahuguet is offline Member
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    9

    Default making some progress ...

    The LDAP credential error has disappeared.

    For some reasons, I cannot start the services using zmcontrol start.
    I have to start them "manually":
    - ldap start
    - mysql.server start
    - tomcat start

    I get the following error in the zimbra.log file:

    Code:
    2005-09-13 00:52:15,764 INFO  [main] [] soap - Servlet SoapServlet starting up
    2005-09-13 00:52:16,409 INFO  [main] [] misc - version=2005.0.0_39.FC3 release=1_ARMSTRONG builddat
    e=20050829-1058 buildhost=wolfowitz.liquidsys.com
    2005-09-13 00:52:17,538 FATAL [main] [] soap - Unable to start servlet
    java.lang.RuntimeException: Error communicating with LDAP
            at com.zimbra.cs.util.Zimbra.checkLDAP(Zimbra.java:86)
            at com.zimbra.cs.util.Zimbra.startup(Zimbra.java:117)
            at com.zimbra.soap.SoapServlet.init(SoapServlet.java:77)
    And I have checked that my slapd server is running.

    Is there a way to check that the LDAP server is properly configured?
    With mysql, I can use the zmmysqlstatus command.

    Is there something similar with LDAP?
    Otherwise, is there a ldapsearch command I could try to check that things are working fine?

    regards,

    Arnaud

  4. #4
    KevinH's Avatar
    KevinH is offline Expert Member
    Join Date
    Aug 2005
    Location
    San Mateo, CA
    Posts
    4,789
    Rep Power
    18

    Default

    One quick check is to telnet to port 389

    telnet 0 389


    See if ldap is actually bound to that port.

  5. #5
    sahuguet is offline Member
    Join Date
    Sep 2005
    Posts
    10
    Rep Power
    9

    Default

    LDAP is running.

    I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

    For instance, I would like to retrieve some user info:
    Code:
    [root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
    SASL/DIGEST-MD5 authentication started
    Please enter your password: 
    ldap_sasl_interactive_bind_s: Insufficient access (50)
            additional info: SASL(-14): authorization failure: unable authorization ID
    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud

  6. #6
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default zmprov

    zmprov gas - if ldap is working, that will return a server list.

    I suspect that the problem is credentials, and you need to reset the password with zmldappassword

    Quote Originally Posted by sahuguet
    LDAP is running.

    I was thinking more of an ldapsearch command that retrieves some attributes, as a way to check that everything is fine.

    For instance, I would like to retrieve some user info:
    Code:
    [root@godavari log]# /opt/zimbra/openldap/bin/ldapsearch -b "cn=admins,cn=zimbra"  -D "uid=zimbra,cn=admins,cn=zimbra" -X objectclass=organizationalPerson
    SASL/DIGEST-MD5 authentication started
    Please enter your password: 
    ldap_sasl_interactive_bind_s: Insufficient access (50)
            additional info: SASL(-14): authorization failure: unable authorization ID
    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud

  7. #7
    marcmac is offline Expert Member
    Join Date
    Sep 2005
    Posts
    2,103
    Rep Power
    13

    Default wrong password

    Quote Originally Posted by sahuguet
    LDAP is running.


    For the password, I am using the one I provided during the install for admin@.

    regards,

    Arnaud
    Just saw this - that's not the ldap password.

    The ldap password can be retrieved via zmlocalconfig -s zimbra_ldap_password

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Multi Server Installation
    By rsharpe in forum Installation
    Replies: 6
    Last Post: 07-11-2007, 09:53 PM
  2. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  3. Installation Problem - Possibly LDAP
    By geroshea in forum Installation
    Replies: 5
    Last Post: 03-16-2007, 04:47 AM
  4. Mac OSX install: Java errors & LDAP CA error
    By jefbear in forum Installation
    Replies: 9
    Last Post: 12-16-2006, 03:39 PM
  5. LDAP Invalid Credentials on install
    By rory_d in forum Installation
    Replies: 1
    Last Post: 09-30-2005, 08:51 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •