LDAP Error - Cannot Login to Spark

Openfire Openfire Support
1

We’ve had Spark and Openfire running fine for about 4-5 months, recently several users had to change their passwords due to our policy (every 90 days) and it seems to be causing issues where users cannot login and they are getting invalid username and password. I looked at the logs and this is what I see under the “debug”:

2010.09.29 11:17:17 NIOConnection: startTLS: using c2s

2010.09.29 11:17:17 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: npoirier, Base DN: DC=“synthenet”,DC=“local”…

2010.09.29 11:17:17 LdapManager: Creating a DirContext in LdapManager.getContext()…

2010.09.29 11:17:17 LdapManager: Created hashtable with context values, attempting to create context…

2010.09.29 11:17:17 LdapManager: … context created successfully, returning.

2010.09.29 11:17:17 LdapManager: Starting LDAP search…

2010.09.29 11:17:17 LdapManager: Exception thrown when searching for userDN based on username ‘npoirier’

javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]; remaining name ‘’

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)

at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)

at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)

at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)

at javax.naming.directory.InitialDirContext.search(Unknown Source)

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:700)

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:637)

at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:112)

at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)

at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:87)

at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:112)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

at java.lang.Thread.run(Unknown Source)

2010.09.29 11:17:17 NIOConnection: startTLS: using c2s

2010.09.29 11:17:17 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: npoirier, Base DN: DC=“synthenet”,DC=“local”…

2010.09.29 11:17:17 LdapManager: Creating a DirContext in LdapManager.getContext()…

2010.09.29 11:17:17 LdapManager: Created hashtable with context values, attempting to create context…

2010.09.29 11:17:17 LdapManager: … context created successfully, returning.

2010.09.29 11:17:17 LdapManager: Starting LDAP search…

2010.09.29 11:17:17 LdapManager: Exception thrown when searching for userDN based on username ‘npoirier’

javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]; remaining name ‘’

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)

at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)

at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)

at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)

at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)

at javax.naming.directory.InitialDirContext.search(Unknown Source)

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:700)

at org.jivesoftware.openfire.ldap.LdapManager.findUserDN(LdapManager.java:637)

at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:112)

at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)

at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:87)

at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:112)

at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)

at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)

at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)

at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)

at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)

at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)

at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)

at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)

at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)

at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)

at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)

at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)

at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)

at java.lang.Thread.run(Unknown Source)

Can anyone assist with this?

2

looks as though u might have lost your connection to Active Directory…did the account used to make the connection have its password expire as well? If so, did you update it in Openfire as well?

3

I believe that is exactly what happened, I ended up re-installing Openfire, but in the future if this happens again, where can I change the password in Openfire if i’m not able to log into the Admin console?

4

I do not believe you can access the console if it expired. The easiest way is to set the account used to connect to A/D to password never expires…if it does, and you have that password handy, you can reset the password and you should be fine…

In your case you dindt have to reinstall but rather you can simply open the C:\Program Files\Openfire\conf\openfire.xml file and modify this line true…change it to false, and then you can re-do your setup…all the info is stored in the database so unless you change DB’s all your chat history, groups etc should still be there

5

Ok great, thank you very much I appreciate your support!