0

I'm using Zimbra Collaboration Suite 5.0.11 and it's been working pretty well until yesterday. I've added a new mail account using the administration console with no errors. But when I try to login with the newly created account, I get the following error (beign ACCOUNTNAME and DOMAIN the new account domain and name):

[btpool0-634] [name=ACCOUNTNAME@DOMAIN.com;oip=10.0.0.166;
ua=zclient/5.0.11_GA_2695.DEBIAN4.0;] security - cmd=Auth;
account=ACCOUNTNAME@DOMAIN.com; protocol=soap; error=authentication failed 
for ACCOUNTNAME@DOMAIN.com, external LDAP auth failed, [LDAP: error code 
49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, 
vece];

I've searched a bit and read that it's like the new account does not exist in the ldap server, but using zmprov ga ACCOUNTNAME@DOMAIN.com I can find and check the new account.

Old users have no problem login in, just new ones.

Of course I'm using openldap (the one bundled with ZCS) as LDAP server.

Any clue about what's going on or what can I check?

Guillem Gelabert
  • 101
  • 1
  • 1

3 Answers3

2

Have you thought to ask this question on Zimbra forums they have very active forums.

JamesBarnett
  • 1,129
  • 8
  • 12
1

LDAP 49 errors are the bad password, bad DN sort of problem.

data: 525 means bad bind DN.

Look at LDAP 49 error code for some more info.

Can you bind with the FQDN of the user in more LDAP like syntax, instead of user@domain?

geoffc
  • 2,135
  • 5
  • 25
  • 37
1

It looks like it is checking the account's password based on an external LDAP call. If that's the case, the account would need to be created in both the LDAP server and Zimbra. In my system, I create an Active Directory account then a Zimbra account with the same name.

Hope that helps