AD authentication fails after upgrade to 3.0.1.0

VMguru
Posts: 18
Joined: 18 Nov 2015 16:04

AD authentication fails after upgrade to 3.0.1.0

Post by VMguru »

All, I was wondering if anyone else was having this problem.

AD integration & authentication was working great in 3.0.0.8 & 3.0.0.9.
After upgrading to 3.0.1.0, no user from AD can authenticate to the MailWatch login page.
I've checked all settings; they are still set per all previous AD integration articles: conf.php, functions.php, php-ldap installed, openldap-clients installed, LDAP proxy service account still valid in AD and can log in.

I went so far as to edit the /usr/local/bin/mailwatch/tools/Cron_jobs/mailwatch_ldap_sync.sh file with our settings and re-ran it. That wiped out all the work I had done from consolidating multiple user accounts in the MySQL database.
But it did re-import all our AD accounts. Still no joy on logins.

The only account that can successfully log in is the built-in Administrator account for EFA.

Any suggestions?
colin
Posts: 99
Joined: 13 Feb 2014 16:09

Re: AD authentication fails after upgrade to 3.0.1.0

Post by colin »

I had the same issue going from 3.0.0.9 to 3.0.1.0.
Initially I changed define('USE_LDAP', '1'); to define('USE_LDAP', '0');
Logged in as admin but still couldn't log in as a user, so I changed the user's password in EFA and could then log in.
Then again changed define('USE_LDAP', '0'); to define('USE_LDAP', '1');
Initially I could not log in as the user, but then I restarted the MailScanner service (may be a red herring).
I can now log in again, but I am not convinced that the LDAP integration is working, as another user could not log in until I manually reset their password in EFA.
colin
Posts: 99
Joined: 13 Feb 2014 16:09

Re: AD authentication fails after upgrade to 3.0.1.0

Post by colin »

OK a bit of progress. I changed the code to:
define('USE_LDAP', true);

And a packet capture shows that it is communicating but the return is:

LDAPMessage searchResDone(2) success [0 results]

If I create a new user in Active Directory and assign a mailbox, it fails to log in using that user and no user is created in EFA.

Hope this helps.
VMguru
Posts: 18
Joined: 18 Nov 2015 16:04

Re: AD authentication fails after upgrade to 3.0.1.0

Post by VMguru »

I actually had done what colin mentioned and changed the code to:
define('USE_LDAP', true);

and my AD integration is working again.
As colin pointed out, the detailed thread relating to the solution exists here:
viewtopic.php?f=5&t=1605
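The fix reported in this thread was replacing the quoted '1' in define('USE_LDAP', '1') with the boolean true. The following check is an added example, not part of the thread or of MailWatch: it lists define() flags in a conf.php whose value is a quoted or numeric boolean look-alike, so they can be reviewed after an upgrade. The function names, the EXAMPLE_* constants and the sample config are constructed, and it assumes such flags are meant to hold PHP booleans.

```python
import re

# Matches define('NAME', value); with single or double quotes around NAME.
DEFINE_RE = re.compile(
    r"""define\(\s*(['"])(?P<name>\w+)\1\s*,\s*(?P<value>.+?)\s*\)\s*;""",
    re.IGNORECASE,
)
# Values that look like a boolean but are a string or an integer in PHP.
BOOL_LIKE_RE = re.compile(
    r"""^(?:(['"])(?:0|1|true|false|yes|no|on|off)\1|[01])$""", re.IGNORECASE)


def strip_comments(line):
    """Drop // and # line comments starting outside a quoted string (/* */ is not handled)."""
    quote = None
    for i, ch in enumerate(line):
        if quote:
            if ch == quote:
                quote = None
        elif ch in "'\"":
            quote = ch
        elif ch == "#" or line.startswith("//", i):
            return line[:i]
    return line


def find_non_boolean_flags(conf_text):
    """Return (line_no, name, raw_value) for defines holding boolean look-alikes."""
    findings = []
    for line_no, line in enumerate(conf_text.splitlines(), start=1):
        for m in DEFINE_RE.finditer(strip_comments(line)):
            if BOOL_LIKE_RE.match(m.group("value")):
                findings.append((line_no, m.group("name"), m.group("value")))
    return findings


# Constructed sample, not a real conf.php; only USE_LDAP comes from the thread.
SAMPLE_CONF = """<?php
define('USE_LDAP', '1');
// define('EXAMPLE_PROXY', '1');
define('EXAMPLE_PORT', '389');
define("EXAMPLE_FLAG", true);
define('EXAMPLE_OTHER', 0);
"""

if __name__ == "__main__":
    for line_no, name, value in find_non_boolean_flags(SAMPLE_CONF):
        print(f"line {line_no}: {name} = {value} is not a PHP boolean")
```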