unable to connect zimbra 8.7.1_GA_1670 to an external ldap(zentyal 4.x)

[netseeker]

Hi,

I installed a zimbra on a standalone server and wanted to connect its authentication to a zentyal's ldap.

My zentyal specs :
version : 4.x
ldap port : 389
ldap starttls : enabled

what I have done in Zimbra 8.7.1_GA_1670 :
in admin area :
Configuration--->Domains--->Selected My default domain and right clicked on it--->Configure Authentication
My configs :
1-Selected External LDAP
2-Added my ldap server IP and PORT(389)
3-Enabled starttls
3- LDAP filter = (&(cn=%u)(objectClass=user)) / I have tried (objectClass=*) too
4-LDAP search filter = DC=mydomain,DC=ext1,DC=ext2
5-Checked use DN/password and configured my bind DN correctly
6-enter my LDAP username/password and click on test and I will get following error :

Code: Select all

com.zimbra.cs.ldap.LdapException: LDAP error:  - unable to get connection: ldap host=: Simple Bind Failed: NT_STATUS_LOGON_FAILURE
ExceptionId:qtp1684106402-45647:https:https://192.168.1.62:7071/service/admin/soap/CheckAuthConfigRequest:1491226117148:aeb217cf70953de3
Code:ldap.LDAP_ERROR
	at com.zimbra.cs.ldap.LdapException.LDAP_ERROR(LdapException.java:90)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapException.mapToLdapException(UBIDLdapException.java:74)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapException.mapToExternalLdapException(UBIDLdapException.java:84)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.mapToLdapException(UBIDLdapContext.java:241)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.getConnection(UBIDLdapContext.java:207)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.<init>(UBIDLdapContext.java:179)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapClient.getExternalContextImpl(UBIDLdapClient.java:106)
	at com.zimbra.cs.ldap.LdapClient.getExternalContext(LdapClient.java:169)
	at com.zimbra.cs.account.ldap.LdapProvisioning.ldapAuthenticate(LdapProvisioning.java:5374)
	at com.zimbra.cs.account.ldap.LdapProvisioning.checkAuthConfig(LdapProvisioning.java:5429)
	at com.zimbra.cs.service.admin.CheckAuthConfig.handle(CheckAuthConfig.java:48)
	at com.zimbra.soap.SoapEngine.dispatchRequest(SoapEngine.java:605)
	at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:458)
	at com.zimbra.soap.SoapEngine.dispatch(SoapEngine.java:271)
	at com.zimbra.soap.SoapServlet.doWork(SoapServlet.java:303)
	at com.zimbra.soap.SoapServlet.doPost(SoapServlet.java:213)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
	at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:206)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
	at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:821)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1685)
	at com.zimbra.cs.servlet.CsrfFilter.doFilter(CsrfFilter.java:169)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.RequestStringFilter.doFilter(RequestStringFilter.java:54)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.SetHeaderFilter.doFilter(SetHeaderFilter.java:59)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.ETagHeaderFilter.doFilter(ETagHeaderFilter.java:47)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.ContextPathBasedThreadPoolBalancerFilter.doFilter(ContextPathBasedThreadPoolBalancerFilter.java:107)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.ZimbraQoSFilter.doFilter(ZimbraQoSFilter.java:116)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at com.zimbra.cs.servlet.ZimbraInvalidLoginFilter.doFilter(ZimbraInvalidLoginFilter.java:117)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at org.eclipse.jetty.servlets.DoSFilter.doFilterChain(DoSFilter.java:473)
	at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:318)
	at org.eclipse.jetty.servlets.DoSFilter.doFilter(DoSFilter.java:288)
	at org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1668)
	at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:581)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:143)
	at org.eclipse.jetty.security.SecurityHandler.handle(SecurityHandler.java:524)
	at org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:226)
	at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1158)
	at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:511)
	at org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185)
	at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1090)
	at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
	at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213)
	at org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:109)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
	at org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:318)
	at org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:437)
	at org.eclipse.jetty.server.handler.DebugHandler.handle(DebugHandler.java:84)
	at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:119)
	at org.eclipse.jetty.server.Server.handle(Server.java:517)
	at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:306)
	at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:242)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
	at org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:192)
	at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:261)
	at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:95)
	at org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:75)
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceAndRun(ExecuteProduceConsume.java:213)
	at org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:147)
	at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:654)
	at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:572)
	at java.lang.Thread.run(Thread.java:745)
Caused by: LDAPException(resultCode=49 (invalid credentials), errorMessage='Simple Bind Failed: NT_STATUS_LOGON_FAILURE', diagnosticMessage='Simple Bind Failed: NT_STATUS_LOGON_FAILURE')
	at com.unboundid.ldap.sdk.LDAPConnection.bind(LDAPConnection.java:1894)
	at com.unboundid.ldap.sdk.LDAPConnectionPool.createConnection(LDAPConnectionPool.java:988)
	at com.unboundid.ldap.sdk.LDAPConnectionPool.getConnection(LDAPConnectionPool.java:1399)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapOperation$GetConnection.execute(UBIDLdapOperation.java:189)
	at com.zimbra.cs.ldap.unboundid.UBIDLdapContext.getConnection(UBIDLdapContext.java:198)
	... 64 more

This is all I've done I haven't import any certificate or execute any specific command on the Zimbra's server, also my bind DN and my LDAP users are working I have tested them with other ldap integrated apps.

Is there anything I missed here? I want my LDAP to manage the authenticating of Zimbra.

[netseeker]

Found the problem.

Since zentyal 4.x using samba AD rather than openLDAP all I had to do was swith to ActiveDirecoty.