LDAP Issue : forced to reboot every few hours

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
newrepublic
Posts: 2
Joined: Mon Aug 12, 2019 5:34 pm

LDAP Issue : forced to reboot every few hours

Postby newrepublic » Tue Aug 13, 2019 7:45 am

Hello people,

For some reason, yesterday an issue appeared that prevented me and my users from logging in. When I try to log in through the normal web portal, it gives me this kind of error : "A network service error has occurred.". But when I try to log in the admin interface, no matter the password, I get this kind of error "Authentication Failed".

As soon as I restart, the problem disapppears but come back a few hours later.

cat /opt/zimbra/log/nginx.log returns me this kind of errors :

Code: Select all

2019/08/13 08:08:43 [warn] 4067#0: *627 zmauth: an error occurs during zm lookup: com.zimbra.common.service.ServiceException: system failure: unable to lookup account via query: (&(|(zimbraMailDeliveryAddress=[ADDRESS EXPUNGED])(zimbraMailAlias=[ADDRESS EXPUNGED])(zimbraOldMailAddress=[ADDRESS EXPUNGED]))(objectClass=zimbraAccount)) message: system failure: unable to lookup COS by name: default message: LDAP error:  - unable to get attributes: ldap host=[DOMAIN EXPUNGED]:389: internal error ExceptionId:qtp66233253-1401:https:https://[IP EXPUNGED]/service/extension/nginx-lookup:1565676523054:c85a4b0af3b3c79e Code:service.FAILURE, fall back to IPHASH to get the upstream route while SSL handshaking to lookup handler, client: [IP EXPUNGED], server: [DOMAIN EXPUNGED], request: "PROPFIND /principals/users/[ADDRESS EXPUNGED]/ HTTP/1.1", host: "[DOMAIN EXPUNGED]"
2019/08/13 08:08:43 [error] 4067#0: *627 zm lookup: an error is returned by zimbra lookup handler: unable to search LDAP while SSL handshaking to lookup handler, client: [IP EXPUNGED], server: [DOMAIN EXPUNGED], request: "PROPFIND /dav/[ADDRESS EXPUNGED]/ HTTP/1.1", host: "[DOMAIN EXPUNGED]"

and this warning pops seemly often on /var/log/zimbra.log :

Code: Select all

Aug 13 09:38:14 mail2 postfix/proxymap[14800]: warning: dict_ldap_connect: Unable to bind to server ldap://[DOMAIN EXPUNGED]:389 with dn uid=zmpostfix,cn=appaccts,cn=zimbra: 80 (Other (e.g., implementation specific) error)
Aug 13 09:38:14 mail2 postfix/cleanup[27151]: warning: proxy:ldap:/opt/zimbra/conf/ldap-canonical.cf lookup error for "[ADDRESS EXPUNGED]"


so right now im kinda lost :/
what should I do ?
what kind of other logs should I provide ?

Thanks btw :)


newrepublic
Posts: 2
Joined: Mon Aug 12, 2019 5:34 pm

Re: LDAP Issue : forced to reboot every few hours

Postby newrepublic » Sun Aug 18, 2019 6:55 am

Weirdly enough this kind of error also pops up quite frequently :

Code: Select all

Aug 18 08:49:08 mail2 postfix/proxymap[11884]: warning: dict_ldap_connect: Unable to bind to server ldap://[DOMAIN_EXPUNGED]:389 with dn uid=zmpostfix,cn=appaccts,cn=zimbra: 80 (Other (e.g., implementation specific) error)
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: proxy:ldap:/opt/zimbra/conf/ldap-transport.cf lookup error for "*"
Aug 18 08:49:08 mail2 postfix/proxymap[11884]: warning: dict_ldap_lookup: Search error 80: Other (e.g., implementation specific) error
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: proxy:ldap:/opt/zimbra/conf/ldap-transport.cf lookup error for "*"
Aug 18 08:49:08 mail2 postfix/proxymap[11884]: warning: dict_ldap_lookup: Search error 80: Other (e.g., implementation specific) error
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: virtual_alias_domains: proxy:ldap:/opt/zimbra/conf/ldap-vad.cf: table lookup problem
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: virtual_alias_domains lookup failure
Aug 18 08:49:08 mail2 postfix/proxymap[11884]: warning: dict_ldap_lookup: Search error 80: Other (e.g., implementation specific) error
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: virtual_alias_domains: proxy:ldap:/opt/zimbra/conf/ldap-vad.cf: table lookup problem
Aug 18 08:49:08 mail2 postfix/trivial-rewrite[11886]: warning: virtual_alias_domains lookup failure

Return to “Administrators”

Who is online

Users browsing this forum: No registered users and 16 guests