I trying to configure Zimbra with Eager autentufication, and can't do it. LAZY-mode works, and I don't understand what I doing wrong
For configure I do:
Code: Select all
md dom.ru zimbraAutoProvAccountNameMap "sAMAccountName"
md dom.ru zimbraAutoProvAttrMap "sn=sn"
md dom.ru +zimbraAutoProvAttrMap "description=description"
md dom.ru +zimbraAutoProvAttrMap "cn=displayName"
md dom.ru +zimbraAutoProvAttrMap "givenName=givenName"
md dom.ru zimbraAutoProvLdapAdminBindDn "CN=vmail,OU=users,DC=my-domain,DC=local"
md dom.ru zimbraAutoProvLdapAdminBindPassword "password"
md dom.ru zimbraAutoProvLdapBindDn "%u@%d"
md dom.ru zimbraAutoProvLdapSearchBase "ou=My-Domain,dc=my-domain,dc=local"
md dom.ru zimbraAutoProvLdapSearchFilter "(memberOf=cn=vmail,ou=My-Domain,dc=my-domain,dc=local)"
md dom.ru zimbraAutoProvLdapURL "ldap://10.0.0.100:3268"
md dom.ru zimbraAutoProvMode "EAGER"
ms mail.dom.ru zimbraAutoProvPollingInterval "10m"
ms mail.dom.ru zimbraAutoProvScheduledDomains "dom.ru"
Code: Select all
2017-02-01 16:17:41,749 INFO [AutoProvision] [] autoprov - Auto provisioning accounts on domain dom.ru
2017-02-01 16:17:41,830 WARN [AutoProvision] [] autoprov - Unable to auto provision accounts for domain dom.ru
com.zimbra.cs.ldap.LdapException: LDAP error: - unable to get connection: 80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1.
ExceptionId:AutoProvision:1485944261829:fe01dc8ffcc38eaa
Code:ldap.LDAP_ERROR
at com.zimbra.cs.ldap.LdapException.LDAP_ERROR(LdapException.java:90)
at com.zimbra.cs.ldap.unboundid.UBIDLdapException.mapToLdapException(UBIDLdapException.java:74)
at com.zimbra.cs.ldap.unboundid.UBIDLdapException.mapToExternalLdapException(UBIDLdapException.java:84)
at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.mapToLdapException(UBIDLdapContext.java:225)
at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.getConnection(UBIDLdapContext.java:199)
at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.<init>(UBIDLdapContext.java:171)
at com.zimbra.cs.ldap.unboundid.UBIDLdapClient.getExternalContextImpl(UBIDLdapClient.java:106)
at com.zimbra.cs.ldap.LdapClient.getExternalContext(LdapClient.java:169)
at com.zimbra.cs.account.ldap.AutoProvision.searchAutoProvDirectory(AutoProvision.java:641)
at com.zimbra.cs.account.ldap.AutoProvisionEager.searchAccounts(AutoProvisionEager.java:250)
at com.zimbra.cs.account.ldap.AutoProvisionEager.createAccountBatch(AutoProvisionEager.java:152)
at com.zimbra.cs.account.ldap.AutoProvisionEager.handleBatch(AutoProvisionEager.java:132)
at com.zimbra.cs.account.ldap.AutoProvisionEager.handleScheduledDomains(AutoProvisionEager.java:103)
at com.zimbra.cs.account.ldap.LdapProvisioning.autoProvAccountEager(LdapProvisioning.java:1008)
at com.zimbra.cs.account.AutoProvisionThread.run(AutoProvisionThread.java:150)
Caused by: LDAPException(resultCode=49 (invalid credentials), errorMessage='80090308: LdapErr: DSID-0C0903A8, comment: AcceptSecurityContext error, data 52e, v1db1.', diagnosticMessage='80090308: LdapErr: DSID-0C0903A8, comment: AcceptSe
curityContext error, data 52e, v1db1.')
at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:1894)
at com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:988)
at com.unboundid.ldap.sdk.LDAPConnectionPool.getConnection(LDAPConnectionPool.java:1399)
at com.zimbra.cs.ldap.unboundid.UBIDLdapOperation$GetConnection.execute(UBIDLdapOperation.java:186)
at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.getConnection(UBIDLdapContext.java:190)
... 10 more
2017-02-01 16:17:41,833 INFO [AutoProvision] [] autoprov - Sleeping for 600000 milliseconds.
Code: Select all
(resultCode=49 (invalid credentials)
Please help