-
Authentication problems
I just completed an evaluation install of the latest Zimbra, and I can log in fine as the administrator and (evidently) successfully create new user accounts. However, when I try to log into those user accounts, I get:
"The username or password is incorrect. Verify that CAPS LOCK is not on, and then retype the current username and password"
(This happens regardless of whether the login is using just the username, or username@mailhost.example.com)
This is just a stock installation on a stock RHEL4 system. Authentication is set to Internal in the admin screen.
I'm not seeing any errors in zimbra.log, or in any of the /opt/zimbra/tomcat/logs.
Here is the relevant excerpt from my mailbox.log:
2007-05-18 15:35:21,838 INFO [http-80-Processor99]
[ua=ZimbraWebClient - FF1.0 (Linux)/undefined;ip=192.168.6.98;]
SoapEngine - handler exception
com.zimbra.cs.account.AccountServiceException: authentication failed
for john@zimbra.example.com
at com.zimbra.cs.account.AccountServiceException.AUTH _FAILED(AccountServiceException.java:87)
at com.zimbra.cs.account.ldap.LdapProvisioning.verify PasswordInternal(LdapProvisioning.java:2423)
at com.zimbra.cs.account.ldap.LdapProvisioning.verify Password(LdapProvisioning.java:2374)
at com.zimbra.cs.account.ldap.LdapProvisioning.authAc count(LdapProvisioning.java:2265)
at com.zimbra.cs.account.ldap.LdapProvisioning.authAc count(LdapProvisioning.java:2250)
at com.zimbra.cs.service.account.Auth.handle(Auth.jav a:116)
at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEng ine.java:270)
at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:168)
at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.jav a:90)
at com.zimbra.soap.SoapServlet.doPost(SoapServlet.jav a:223)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:709)
at com.zimbra.cs.servlet.ZimbraServlet.service(Zimbra Servlet.java:162)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:802)
at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:107)
at org.apache.catalina.valves.AccessLogValve.invoke(A ccessLogValve.java:541)
at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:148)
at org.apache.coyote.http11.Http11Processor.process(H ttp11Processor.java:869)
at org.apache.coyote.http11.Http11BaseProtocol$Http11 ConnectionHandler.processConnection(Http11BaseProt ocol.java:667)
at org.apache.tomcat.util.net.PoolTcpEndpoint.process Socket(PoolTcpEndpoint.java:527)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThr ead.runIt(LeaderFollowerWorkerThread.java:80)
at org.apache.tomcat.util.threads.ThreadPool$ControlR unnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
And here is the relevant excerpt from my audit.log:
2007-05-18 15:35:21,834 WARN [http-80-Processor99]
[ua=ZimbraWebClient - FF1.0 (Linux)/undefined;ip=192.168.6.98;]
security - cmd=Auth; account=john@zimbra.example.com; protocol=soap;
error=authentication failed for john@zimbra.example.com;
Any ideas what is going wrong, and/or how I can fix it?
-
Try to reset the password:
Code:
zmprov sp <user e-mail=""> <new password=""><user e-mail=""> <new password="">(user e-mail) (new password)
</new></user></new></user>
-
I get the same error. Changing the password via the CLI did not work, however, I found that if I set the account to an administrator, the account works just fine. If I switch it back, the account will not login. Any suggestions?
-
Never mind, I figured it out. I forgot that I was using External Active Directory for authentication. The user account that I created did not work because I didn't create the domain account that corresponded with the Zimbra account. :o Whoops.
