No login to SAC - LDAP error code 49 - Invalid credentials
Posted: Thu Jan 03, 2008 6:34 am
Hi!
I've tried to install Scalix 11.2 on a Debian Etch server. I tried it with the 'Manual Installation', the 'Install script for Debian' and the 'Python script for Debian', everytime on a clean system.
But I can't logon to SAC.
The scalix_caa.log displays the following error:
I think there is something wrong with the LDAP authentication.
I read all posts concerning the topic 'no logon to sac' but I found no solution.
This is, what omshow -n sxadmin says:
and omshowu -n sxqueryadmin:
I try to login with 'sxadmin@debian.schlee.lan'.
How can I check LDAP?
Can anobody help me?
Thanks, Uli
I've tried to install Scalix 11.2 on a Debian Etch server. I tried it with the 'Manual Installation', the 'Install script for Debian' and the 'Python script for Debian', everytime on a clean system.
But I can't logon to SAC.
The scalix_caa.log displays the following error:
2008-01-03 11:04:25,483 DEBUG [SAAJServlet.doPost:93] ************ Request Start ***************
2008-01-03 11:04:25,487 DEBUG [SAAJServlet.doPost:95] Starting SAAJServlet with POST
2008-01-03 11:04:25,519 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header accept:*/*
2008-01-03 11:04:25,523 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header accept-language:de
2008-01-03 11:04:25,526 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header referer:http://debian.schlee.lan/sac/AdminApp.jsp
2008-01-03 11:04:25,529 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header content-type:text/xml
2008-01-03 11:04:25,533 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header UA-CPU:x86
2008-01-03 11:04:25,536 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header accept-encoding:gzip, deflate
2008-01-03 11:04:25,539 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header user-agent:Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 1.1.4322)
2008-01-03 11:04:25,542 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header host:debian.schlee.lan
2008-01-03 11:04:25,546 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header content-length:454
2008-01-03 11:04:25,549 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header connection:Keep-Alive
2008-01-03 11:04:25,552 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header Cache-Control:no-cache
2008-01-03 11:04:25,555 DEBUG [SAAJUtils.dumpHeaders:129] -----> Header Max-Forwards:10
2008-01-03 11:04:25,891 DEBUG [SOAPDispatcherServlet.onMessage:159] **** Start of Message Handling ****
2008-01-03 11:04:26,820 DEBUG [SOAPHelper.getElementValue:144] Found ServiceType
2008-01-03 11:04:26,824 DEBUG [CAAConfigLoader.getValue:56] Looking for config for scalix.res, key disabled found null
2008-01-03 11:04:26,840 DEBUG [SOAPTransformerFactory.getTransformer:50] Service type from SOAP message is scalix.res
2008-01-03 11:04:26,843 DEBUG [CAAConfigLoader.getValue:56] Looking for config for scalix.res, key transformer.class found com.scalix.sac.ubermgr.caa.RESTransformer
2008-01-03 11:04:26,978 DEBUG [SOAPHelperUtils.getSoapBodyElement:179] Body element1 CAARequestMessage = null
2008-01-03 11:04:26,982 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 ServiceType = scalix.res
2008-01-03 11:04:26,987 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 Credentials = null
2008-01-03 11:04:26,991 DEBUG [SOAPHelperUtils.getSoapBodyElement:190] Found Credentials
2008-01-03 11:04:26,995 DEBUG [SOAPHelperUtils.getCredentials:255] local name=id
2008-01-03 11:04:26,998 DEBUG [SOAPHelperUtils.getCredentials:256] qualified name=id
2008-01-03 11:04:27,002 DEBUG [SOAPHelperUtils.getCredentials:272] local name=name
2008-01-03 11:04:27,006 DEBUG [SOAPHelperUtils.getCredentials:273] qualified name=name
2008-01-03 11:04:27,009 DEBUG [SOAPHelperUtils.getCredentials:277] value=sxadmin@debian.schlee.lan
2008-01-03 11:04:27,013 DEBUG [SOAPHelperUtils.getCredentials:272] local name=passwd
2008-01-03 11:04:27,016 DEBUG [SOAPHelperUtils.getCredentials:273] qualified name=passwd
2008-01-03 11:04:27,019 DEBUG [SOAPHelperUtils.getCredentials:282] value=xxxxxxxxx
2008-01-03 11:04:27,023 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:69] Body element1 CAARequestMessage = null
2008-01-03 11:04:27,027 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 ServiceType = scalix.res
2008-01-03 11:04:27,030 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 Credentials = null
2008-01-03 11:04:27,034 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 FunctionName = GetConsoleConfig
2008-01-03 11:04:27,037 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:80] Found FunctionName
2008-01-03 11:04:27,041 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:81] value =GetConsoleConfig
2008-01-03 11:04:27,375 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:69] Body element1 CAARequestMessage = null
2008-01-03 11:04:27,379 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 ServiceType = scalix.res
2008-01-03 11:04:27,382 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:80] Found ServiceType
2008-01-03 11:04:27,574 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:81] value =scalix.res
2008-01-03 11:04:27,578 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:69] Body element1 CAARequestMessage = null
2008-01-03 11:04:27,582 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 ServiceType = scalix.res
2008-01-03 11:04:27,586 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 Credentials = null
2008-01-03 11:04:27,590 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:77] Body element2 FunctionName = GetConsoleConfig
2008-01-03 11:04:27,593 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:80] Found FunctionName
2008-01-03 11:04:27,597 DEBUG [SOAPHelperUtils.getSOAPBodyElementValue:81] value =GetConsoleConfig
2008-01-03 11:04:27,863 DEBUG [SOAPHelperUtils.getSoapBodyElement:179] Body element1 CAARequestMessage = null
2008-01-03 11:04:27,868 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 ServiceType = scalix.res
2008-01-03 11:04:27,872 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 Credentials = null
2008-01-03 11:04:27,875 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 FunctionName = GetConsoleConfig
2008-01-03 11:04:27,879 DEBUG [SOAPHelperUtils.getSoapBodyElement:187] Body element2 GetConsoleConfigParameters = null
2008-01-03 11:04:27,883 DEBUG [SOAPHelperUtils.getSoapBodyElement:190] Found GetConsoleConfigParameters
2008-01-03 11:04:27,893 DEBUG [CAAServiceFactory.getService:52] Looking for service called scalix.res
2008-01-03 11:04:27,897 DEBUG [CAAConfigLoader.getValue:56] Looking for config for scalix.res, key service.class found com.scalix.sac.ubermgr.caa.RESService
2008-01-03 11:04:28,343 DEBUG [SOAPDispatcherServlet.onMessage:266] Calling doRequest() on service com.scalix.sac.ubermgr.caa.RESService@3a5a9c
2008-01-03 11:04:28,398 DEBUG [LDAPHelperUtils.getTargetHost:335] Sending request using URL = ldap://debian.schlee.lan:389
2008-01-03 11:04:28,402 DEBUG [LDAPHelperUtils.getTargetHost:336] Sending request to ldap host =debian.schlee.lan
2008-01-03 11:04:28,406 DEBUG [LDAPHelperUtils.getTargetHost:337] Sending request as querymgr DN =cn=sxqueryadmin,o=scalix
2008-01-03 11:04:28,409 DEBUG [LDAPHelperUtils.getTargetHost:338] Filter =(omUlAuthid=sxadmin@debian.schlee.lan)
2008-01-03 11:04:30,236 DEBUG [RbacAuthorizationHelper.authenticateUser:59] Sending request using URL = ldap://debian.schlee.lan:389
2008-01-03 11:04:30,331 DEBUG [RbacAuthorizationHelper.authenticateUser:60] Sending request to ldap host =debian.schlee.lan
2008-01-03 11:04:30,335 DEBUG [RbacAuthorizationHelper.authenticateUser:61] Sending request as user id = sxadmin@debian.schlee.lan
2008-01-03 11:04:30,340 DEBUG [RbacAuthorizationHelper.authenticateUser:62] Filter =(omUlAuthid=sxadmin@debian.schlee.lan)
2008-01-03 11:04:30,481 ERROR [RbacAuthorizationHelper.authenticateUser:92] Exception:
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2985)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2732)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2646)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:283)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
at com.scalix.sac.ubermgr.ldap.LDAPQuery.initContext(LDAPQuery.java:88)
at com.scalix.sac.ubermgr.rbac.RbacAuthorizationHelper.authenticateUser(RbacAuthorizationHelper.java:63)
at com.scalix.sac.ubermgr.ldap.LDAPServiceHandler.Login(LDAPServiceHandler.java:114)
at com.scalix.sac.ubermgr.caa.RESService.authenticateAndAuthorizeUser(RESService.java:157)
at com.scalix.sac.ubermgr.caa.RESService.doRequest(RESService.java:83)
at com.scalix.caa.soap.SOAPDispatcherServlet.onMessage(SOAPDispatcherServlet.java:268)
at com.scalix.caa.soap.SAAJServlet.doPost(SAAJServlet.java:123)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.jk.server.JkCoyoteHandler.invoke(JkCoyoteHandler.java:200)
at org.apache.jk.common.HandlerRequest.invoke(HandlerRequest.java:283)
at org.apache.jk.common.ChannelSocket.invoke(ChannelSocket.java:773)
at org.apache.jk.common.ChannelSocket.processConnection(ChannelSocket.java:703)
at org.apache.jk.common.ChannelSocket$SocketConnection.runIt(ChannelSocket.java:895)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:595)
2008-01-03 11:04:30,789 DEBUG [SAAJServlet.doPost:130] ************ Request End Success ***************
I think there is something wrong with the LDAP authentication.
I read all posts concerning the topic 'no logon to sac' but I found no solution.
This is, what omshow -n sxadmin says:
Authentication ID: sxadmin
Globally Unique ID: 150000006c9eb774-05.0.861.291
User Name : sxadmin /CN=sxadmin
MailNode : schlee
Internet Address : "sxadmin" <sxadmin@schlee.lan>
System Login : 60534
Password : set
Admin Capabilities : YES
Mailbox Admin Capabilities : NO
Language : C
Mail Account: Unlocked
Last Signon : Never.
Receipt of mail : ENABLED
Service level : 0
Excluded from Tidying : NO
Recovery Folder visible : NO
User Class : Limited
SIS URL : sxidx://debian.schlee.lan/050000006c9eb774-05.0.861.291
and omshowu -n sxqueryadmin:
Authentication ID: sxqueryadmin@debian.schlee.lan
Globally Unique ID: 190000006c9eb774-05.0.861.291
User Name : sxqueryadmin /CN=sxqueryadmin
MailNode : schlee
Internet Address : "sxqueryadmin" <sxqueryadmin@schlee.lan>
System Login : 60535
Password : set
Admin Capabilities : YES
Mailbox Admin Capabilities : NO
Language : C
Mail Account: Unlocked
Last Signon : Never.
Receipt of mail : ENABLED
Service level : 0
Excluded from Tidying : NO
Recovery Folder visible : NO
User Class : Limited
SIS URL : sxidx://debian.schlee.lan/090000006c9eb774-05.0.861.291
I try to login with 'sxadmin@debian.schlee.lan'.
How can I check LDAP?
Can anobody help me?
Thanks, Uli