Hi everybody,
I had Openfire 3.3.2 running with a Windows 2000 Server Active Directory, which worked fine.
Now I set up Openfire completely new with version 3.4.2 and with a new Active Directory on Windows Server 2003.
When setting up Openfire, it already complains when testing the LDAP settings that the credentials are not OK.
I have the following settings:
Server Type: Active Directory
Host: mydc.domain.local
Port: 389
Base DN: OU=usr,DC=domain,DC=local
Admin DN: CN=Administrator,OU=Users,DC=domain,DC=local
The password must be ok, because I am authenticating with these credentials when managing the DC with RDP.
In the logfile I get:
javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece^@
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:134)
at org.jivesoftware.openfire.ldap.LdapManager.getContext(LdapManager.java:410)
at org.jivesoftware.openfire.ldap.LdapManager.getContext(LdapManager.java:347)
at org.jivesoftware.openfire.admin.setup.setup_002dldap_002dserver_005ftest_jsp._jspService(setup_002dldap_002dserver_005ftest_jsp.java:67)
at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:487)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1093)
at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:39)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.jivesoftware.util.LocaleFilter.doFilter(LocaleFilter.java:65)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.jivesoftware.util.SetCharacterEncodingFilter.doFilter(SetCharacterEncodingFilter.java:41)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.jivesoftware.admin.PluginFilter.doFilter(PluginFilter.java:69)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.jivesoftware.admin.AuthCheckFilter.doFilter(AuthCheckFilter.java:98)
at org.mortbay.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1084)
at org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:360)
at org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:181)
at org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:712)
at org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:405)
at org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:211)
at org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:139)
at org.mortbay.jetty.Server.handle(Server.java:313)
at org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:506)
at org.mortbay.jetty.HttpConnection$RequestHandler.headerComplete(HttpConnection.java:830)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:514)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:211)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:381)
at org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:396)
at org.mortbay.thread.BoundedThreadPool$PoolThread.run(BoundedThreadPool.java:442)
When enabling debugging I also get:
Created new LdapManager() instance, fields:
host: http://mydc.domain.local
port: 389
usernamefield: uid
usernameSuffix:
baseDN: OU=usr,DC=projektron,DC=local
alternateBaseDN: null
nameField: cn
emailField: mail
adminDN: CN=Administrator,OU=Users,DC=projektron,DC=local
adminPassword: ********
searchFilter: null
subTreeSearch:true
ldapDebugEnabled: true
sslEnabled: false
initialContextFactory: com.sun.jndi.ldap.LdapCtxFactory
connectionPoolEnabled: false
autoFollowReferrals: false
groupNameField: cn
groupMemberField: member
groupDescriptionField: description
posixMode: false
groupSearchFilter: null
Does anybody have any idea what this could be?
Do I have to activate anything with the Active Directory?
Thanks a lot,
Matthias
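
Added example, not part of the original post and not Openfire code: a small parser for the Active Directory bind error shown in the log above. It decodes the hex "data" sub-code (525 here) into the Win32 logon status it stands for, and, when that status is "user not found", checks the bind DN against AD's built-in layout. The function names and the DN heuristic are assumptions made for illustration.

```python
import re

# AD puts a hex Win32 logon status after "data" in the LDAP result-49 message.
AD_BIND_SUBCODES = {
    0x525: "user not found (bind identity did not resolve to an account)",
    0x52E: "invalid credentials (account exists, wrong password)",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}
BIND_ERROR = re.compile(
    r"error code (?P<ldap>\d+) - [0-9A-Fa-f]{8}: LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), "
    r"comment: .*?, data (?P<data>[0-9A-Fa-f]+)"
)

def parse_bind_error(line):
    """Return the decoded fields of an AD bind failure, or None if no match."""
    m = BIND_ERROR.search(line)
    if m is None:
        return None
    sub = int(m.group("data"), 16)
    return {"ldap_code": int(m.group("ldap")), "dsid": m.group("dsid"),
            "subcode": sub,
            "meaning": AD_BIND_SUBCODES.get(sub, "unmapped sub-code")}

def dn_hints(bind_dn):
    """Heuristic (assumption): flag RDNs that differ from AD's built-in layout."""
    rdns = [r.strip().upper() for r in re.split(r"(?<!\\),", bind_dn)]
    if "OU=USERS" in rdns:
        return ["built-in 'Users' is a container (CN=Users), not an OU"]
    return []

def diagnose(line, bind_dn):
    err = parse_bind_error(line)
    if err is None:
        return None
    # Only a "user not found" status makes the DN itself the suspect.
    err["hints"] = dn_hints(bind_dn) if err["subcode"] == 0x525 else []
    return err

# Log line and Admin DN as they appear in the post above.
LOG = ("javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: "
       "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece")
ADMIN_DN = "CN=Administrator,OU=Users,DC=domain,DC=local"

if __name__ == "__main__":
    print(diagnose(LOG, ADMIN_DN))
```

The same sub-codes separate failure causes in authentication logs: 525 means the bind identity is unknown to the directory, while 52e means the account exists and the password was rejected.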