Author Topic: LDAP Bind Errors in Zentyal with both Jabber and Nextcloud  (Read 1967 times)

compumatter

LDAP Bind Errors in Zentyal with both Jabber and Nextcloud
« on: June 29, 2017, 12:32:35 am »
Hello,

I have changed my server's hostname and then again... and now it is back to what it started with.

I have found since then, Jabber will not bind to LDAP services (see video):

I took a screenshot of the server's /var/log/ejabberd/ejabberd.log file at the very moment that I tried to log in with Pidgin (see attached)

The video, which just goes on and on, shows reattempts are rejected: https://www.youtube.com/watch?v=Q04hiVcKY2g

Credentials are correct.  They have been triple verified.

Finally, after exhausting all other avenues I unchecked Domain / File Sharing from the Zentyal Modules and completely purged and reinstalled all Jabber modules with:

    apt-get remove --purge zentyal-jabber
    apt-get remove --purge ejabberd
    apt-get autoremove --purge
    Turned off Module Domain Controller and File Sharing
    Saved everything
    Rebooted the server

When I logged in with Pidgin, it did ask me to approve the Secure Certificate, which I said yes to. However, the moment I select 'Accept', Pidgin returns the error: "Lost connection with the server: Input/output error" with an option to reconnect (but it will not connect)

Jabber was working with LDAP prior to the hostname changes.  Now it will not work at all. 

I do not know for sure if the LDAP errors are related to my Jabber problem of not connecting but I am suspecting it is. 

Also, I have found the file https://github.com/processone/ejabberd/blob/master/src/eldap.erl which contains the code that spawns the error, i.e. report_bind_failure(S#eldap.host, S#eldap.port, Reason),

If anyone out there has run into this, I would be grateful for the solution.  Otherwise I will have to try radical maneuvers all the way up to a format reinstall. 

FOLLOW UP: Am experiencing the very same problem showing up in the nextcloud.log file of bind failure and 49.

So it's not a jabber thing, it's an ldap thing.

What sayeth the group.

Sincerely,

Jay
CompuMatter
www.compumatter.com

« Last Edit: June 29, 2017, 04:56:20 am by compumatter »

compumatter

Re: LDAP Bind Errors in Zentyal with both Jabber and Nextcloud
« Reply #1 on: June 29, 2017, 10:11:25 pm »
I have found what is wrong here - I have not found how to solve it.

When I check the /etc/ejabberd/ejabberd.yml configuration file, which is generated by Zentyal, I am finding a misconfiguration:

  • ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
  • ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"
They are both WRONG!

There is no user by that name in my Users list. I don't know where that user comes from and why it has LDAP credentials to begin with.

So I manually edited that file and changed the rootdn="first last" name that has Domain Admin privileges and set their password to the same one as saved in Zentyal Users for that user.

I then restarted Jabber with sudo service ejabberd restart

I was immediately able to validate with no problems from client Pidgin IM software !!!

However any time I save Jabber, or reboot the computer, this ejabberd.yml file is changed to the WRONG credentials.

I have searched the web over and have not found this to be resolved or even discussed.

Can someone tell me where, oh where, this is being set and how I can modify the LDAP creds coming from the Jabber module so they are correct?

Here is an important footnote:

I added a new user by the name that was falsely shown in the ejabberd.yml file, i.e. zentyal-jabber-mydomain, figuring I could set a password and maybe it would use this user.
I was surprised when it gave me an error and said "Account name zentyal-jabber-... already exists"!!

So I have a phantom user but no way to control it.

What sayeth the group ?

Jay
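
Added example, not part of the original posts and not Zentyal or ejabberd code: one way to test, independently of ejabberd, whether the directory accepts the ldap_rootdn and ldap_password found in the generated ejabberd.yml. It assumes the OpenLDAP client tool ldapwhoami is installed and that the LDAP URI given as the second argument is correct for the server; the function names and the script name are made up for this example.

```shell
#!/bin/sh
# Added example: test the bind DN/password from a generated ejabberd.yml.

# Print the value of the first `KEY: "value"` line, surrounding quotes removed.
yml_value() {  # usage: yml_value FILE KEY
  sed -n "s/^[[:space:]]*$2:[[:space:]]*//p" "$1" | head -n 1 |
    sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/'
}

# Try a simple bind with those credentials. The body is a subshell, so its
# variables and `exit` stay local. Exit status: 0 bind accepted, 2 keys
# missing, otherwise whatever ldapwhoami returned.
check_bind() (  # usage: check_bind FILE LDAP_URI
  dn=$(yml_value "$1" ldap_rootdn)
  pw=$(yml_value "$1" ldap_password)
  if [ -z "$dn" ] || [ -z "$pw" ]; then
    echo "ldap_rootdn or ldap_password not found in $1" >&2
    exit 2
  fi
  # Hand the password over in a 0600 temp file (-y) so it never appears in
  # the process list. No trailing newline: -y uses the file contents verbatim.
  pwfile=$(mktemp) || exit 2
  printf '%s' "$pw" > "$pwfile"
  ldapwhoami -x -H "$2" -D "$dn" -y "$pwfile"
  rc=$?
  rm -f "$pwfile"
  if [ "$rc" -eq 0 ]; then
    echo "bind accepted for $dn"
  else
    echo "bind failed for $dn (ldapwhoami exit status $rc)" >&2
  fi
  exit "$rc"
)

# Assumed invocation (config path from the post, URI is an assumption):
#   sudo sh check_bind.sh /etc/ejabberd/ejabberd.yml ldap://localhost
if [ "$#" -eq 2 ]; then
  check_bind "$1" "$2"
fi
```

LDAP result code 49, the number mentioned in the first post, is invalidCredentials.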