Zentyal Forum, Linux Small Business Server
Zentyal Server => Directory and Authentication => Topic started by: compumatter on June 29, 2017, 12:32:35 am
-
Hello,
I have changed my servers hostname and then again... and now it is back to what it started with.
I have found since then, Jabber will not bind to LDAP services see video?:
I took a screen shot of the servers /var/log/ejabberd/ejabberd.log flie at very moment that I tried to login with pidgin (see attached)
The video which just goes on and on shows reattempts are rejected: https://www.youtube.com/watch?v=Q04hiVcKY2g
Credentials are correct. They have been triple verified.
Finally, after exhausting all other avenues I unchecked Domain / File Sharing from the Zentyal Modules and completed purged and reintsalled all Jabber modules with:
apt-get remove --purge zentyal-jabber
apt-get remove --purge ejabberd
apt-get autoremove --purge
Turned off Module Domain Controller and File Sharing
Saved everything
Rebooted the server
When I logged in with Pidgin and did ask me to approve the Secure Certificate which I said yes to. However the moment I select 'Accept' it Pidgin returns error : "Lost connection with the server: Input/output error" with option to reconnect (but it will not connect)
Jabber was working with LDAP prior to the hostname changes. Now it will not work at all.
I do not know for sure if the LDAP errors are related to my Jabber problem of not connecting but I am suspecting it is.
Also, I have found the file: https://github.com/processone/ejabberd/blob/master/src/eldap.erl which contains the code that spawns the error ie; report_bind_failure(S#eldap.host, S#eldap.port, Reason),
If anyone out there has run into this, I would be grateful for the solution. Otherwise I will have to try radical maneuvers all the way up to a format reinstall.
FOLLOW UP: Am experiencing the very same problem showing up in the nextcloud.log file of bind failure and 49.
So it's not a jabber thing, it's an ldap thing.
What sayeth the group.
Sincerely,
Jay
CompuMatter
www.compumatter.com
-
I have found what is wrong here - I have not found how to solve it.
When I check the /etc/ejabberd/ejabberd.yml configuration file which is generated by Zentyal I am finding a misconfiguration
- ldap_rootdn: "CN=zentyal-jabber-mydomainname,CN=Users,DC=domainmatter,DC=lan"
- ldap_password: ""rDDmdsjsQrzKM/EYdvvYPN9"
They are both WRONG !
There is no user by that name in my Users list. I don't know where that user comes from and why it has ldap credentials to being with.
So I manually edited that file and changed the rootdn="first last" name that has Domain Admin privileges and set their password to the same one as saved in Zentyal Users for that user.
I then restarted Jabber with sudo service ejabberd restart
I was immediately able to validate with no problems from client Pidgin IM software !!!
However any time I save Jabber, or reboot the computer, this ejabberd.yml file is changed to the WRONG credentials.
I have searched the web over and have not found this to be resolved or even discussed.
Can someone tell me where o where is this being set and how can I modify the LDAP creds coming from the Jabber module so they are correct
Here is an important foot note:
I added a new user by the name that was falsely shown in the ejabberd.yml file ie; zentyal-jabber-mydomain figuring I could set a password and maybe it would use this user.
- I was surprised when it gave me error and said "Accoun name zentylal-jabber-... already exists !!
So I have a phantom user but no way to control it.
What sayeth the group ?
Jay[/list]