Can't login to SAC

tim_evans · Postby **tim_evans** » Sun Feb 18, 2007 10:31 pm

I went through the manual instructions to install Scalix on debian,and I seem to have it all working now. I can login to the webmail using the admin user, but I can't login to SAC, it just gives the error:

Could Not Login
Check the Login ID and Password.
You might have forgotten to include the
domain name as part of your Login ID
(e.g. 'yourID@yourDomain.com')

I've tried using the login id 'sxadmin' and 'sxadmin@<mydomain>.com',both give the same result. Output of omshowu is:

# ./omshowu sxadmin
Authentication ID: sxadmin
Globally Unique ID: 1c10000089fc8d54-45.0.861.291
User Name : sxadmin /CN=sxadmin
MailNode : <mydoman>
Internet Address : sxadmin@<mydoman>.com
System Login : sxadmin
Password : set
Admin Capabilities : YES
Mailbox Admin Capabilities : NO
Language : C
Mail Account: Unlocked
Last Signon : 02.19.07 13:10:26
Receipt of mail : ENABLED
Service level : 0
Excluded from Tidying : NO
Recovery Folder visible : NO
User Class : Limited
SIS URL : sxidx://<server-fqdn>/0c10000089fc8d54-45.0.861.291

The only log message I can find is in /var/opt/scalix/xx/tomcat/logs/scalix-caa.log:

2007-02-19 13:17:01,982 ERROR [LDAPHelperUtils.getTargetHost:362] javax.naming.AuthenticationException: [LDAP:
error code 49 - Invalid Credentials]
2007-02-19 13:17:02,204 ERROR [RbacAuthorizationHelper.isScalixUser:248] Exception:
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
at com.scalix.sac.ubermgr.ldap.LDAPQuery.initContextWithCN(LDAPQuery.java:104)
at com.scalix.sac.ubermgr.rbac.RbacAuthorizationHelper.isScalixUser(RbacAuthorizationHelper.java:231)
at com.scalix.sac.ubermgr.ldap.LDAPServiceHandler.Login(LDAPServiceHandler.java:124)
at com.scalix.sac.ubermgr.caa.RESService.authenticateAndAuthorizeUser(RESService.java:157)
at com.scalix.sac.ubermgr.caa.RESService.doRequest(RESService.java:83)
at com.scalix.caa.soap.SOAPDispatcherServlet.onMessage(SOAPDispatcherServlet.java:268)
at com.scalix.caa.soap.SAAJServlet.doPost(SAAJServlet.java:123)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:199)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:282)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:754)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:684)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:876)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Unknown Source)

Any idea what's gone wrong here?

Postby **ScalixSupport** » Mon Feb 19, 2007 7:49 am

Hi!

Can you check if the file /var/opt/scalix/s4/caa/scalix.res/config/psdata exists. This file
should contain the password for sxadmin user. If this file does not exist, please create
one. The permissions for this file should be 600, also ownership to be root:root.

Once you have created this file, run the command:

ommodu -n sxadmin -p <password>
Note: <password> should be the password you wish to keep for the user sxadmin.

Restart scalix-tomcat service, see if this resolves the problem in hand.

Thanks,
Subir

obelix_79 · Postby **obelix_79** » Thu Feb 22, 2007 6:49 am

Hi

I've got exactly the same problem but the suggested solution do not change anything. What else can I do to get access to the SAC.
My system is a fresh installation of Ubuntu server 6.10 with Scalix CE 11.0.1

florian · Postby **florian** » Sat Feb 24, 2007 11:18 am

have you double-checked the sxqueryadmin password that must be in the psdata file? have you turned up sac/ubermanager logging to "debug" level and posted the debug log?

Florian.

lilkev · Postby **lilkev** » Sun Feb 25, 2007 12:16 am

Hi There

I have just done a fresh install of Scalix 11 Community Edition on a fresh Fedora Core 5 Machine. Install went Beautifully! But now I cant get into the SAC to add users. Box name is meetingpoint and the DOmain is grcbc.internal

I can get the Admin Console up but when I try to log in I get a message that I should check the Client Login and password. I am using what is the standard:
sxadmin@meetingpoint.grcbc.internal and the Password I have set. I have also tried sxadmin-meetingpoint@grcbc.internal and other variations to no avail.

I have tried to follow the instructions earlier in this post and came up with a problem. Where Subir has said to check the location /var/opt/scalix/s4/caa/scalix.res/config/psdata Mine has the location /var/opt/scalix/mt/caa/scalix.res/config/psdata. Where Subir lists "S4" my box has "mt" Is this the issue? I have drilled down into the directory and all the other Files and folders are there and my Password is indeed listed and correct in psdata

I have gone into Scalix Web access using the Username sxadmin-meetingpoint@grcbc.internal and the Correct password and I make it in.....so what am I missing?

Your help is Appreciated.

Kev

florian · Postby **florian** » Sun Feb 25, 2007 12:23 am

very likely you're just using the wrong username.

execute an omshowu -n sxadmin and look at the value of the "Authentication ID" field. For SAC login, you MUST use this exact name, as it stands, with or without any domain suffix.

Part of the confusion might be caused by the fact that in Scalix 10 and previous we generated the username to be sxadmin@hostname by default, while in Scalix 11 we only use "sxadmin".

Florian.

lilkev · Postby **lilkev** » Sun Feb 25, 2007 12:31 am

Thanks for the tip. SO let me get this right

If in Authentication id it says sxadmin then I should type that into the login right? Just as it it? No added Domain name?

Perfect. It worked. Thanks Florian, You Rock!!

Kev

Postby **ScalixSupport** » Mon Feb 26, 2007 12:06 am

Hi!

Exactly, as Florian mentioned in Scalix 10, the SAC login used to include the domain name but not in Scalix 11.

Just wanted to mention, /var/opt/scalix/?? is the Scalix instance folder, where ?? is the first
and the last characters of the Scalix server hostname, my machine name is "subir-rhel4", so
for me the folder is "s4", while for you the hostname is "meetingpoint" so the instance folder
name is "mt". I hope the confusion is gone now.

Thanks,
Subir

obelix_79 · Postby **obelix_79** » Mon Feb 26, 2007 3:44 am

Hi

I also used a own user with other username then sxqueryadmin so nothing worked. But now with the correct user all is fine.

Thanks

florian · Postby **florian** » Mon Feb 26, 2007 8:57 am

That's correct. The sxqueryadmin user name is fixed and cannot be changed. This is an internal username that SAC uses to query configuration out of a server, in particular in a multi-server config.

The username of the admin (default: sxadmin) can be cahnged.

Florian.

ianuti · Postby **ianuti** » Fri Nov 07, 2008 3:57 am

I have the same problem with OpenSuse 11.0 and Scalix 11.4

Your solution does not work.

Do you have any idea ?

thanks

Marcus

LeslieW · Postby **LeslieW** » Fri Nov 07, 2008 11:29 am

Marcus,

What do you get when you type
omshowu -n sxadmin

What do you see in your logs ( /var/opt/scalix/xx/tomcat/logs/*) when you try to log in to the SAC?

Leslie

ianuti · Postby **ianuti** » Sat Nov 08, 2008 6:16 am

LeslieW · Postby **LeslieW** » Wed Nov 12, 2008 12:22 pm

When you try to log in to the SAC, are you using "sxadmin" as the login name?

Can you do
omlogon -h localhost -u sxadmin -p <password>?
If so, follow it with
omlogoff

The logs you posted go from 8 a.m. to 1 p.m. - that's a bit much to dig through. Try logging in to SAC, then doing
ls -ltr
on the logs directory and look at the ones that were updated when you attempted your login. See what they say.

lelandv · Postby **lelandv** » Thu Nov 13, 2008 5:19 am

Don't know if it's of any help, but we get this problem from time to time, but doesn't seem to be a pattern to it.

If we restart the daemons in exactly this order, everything starts working fine again:

/etc/init.d/scalix restart
/etc/init.d/scalix-postgres restart
/etc/init.d/scalix-tomcat restart

Not sure what causes it to stop working in the first place, but it's almost as if the java servlets are no longer communicating with postgres or ldap (or both).

Fortunately it doesn't happen very often though!

L.

Scalix Forums

Can't login to SAC

Can't login to SAC

Same Problem

Hmmmm

Who is online