Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » LDAP / OD and Kerio
  •  
rkovelman

Messages: 63
Karma: 0
Send a private message to this user
Hello,
I have setup my users by pulling them from my LDAP server (Mac). Only issue I am seeing is that when I try to log in it says access denied. When I use that same user name and password to that server via SMB or AFP I log in fine. This is through webmail or with the KOC offline connector. Anyone know why? Below is the log: (BTW kerio and LDAP are on the same server)

[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL handshake started: before/accept initialization
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:before/accept initialization
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 read client hello A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write server hello A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write certificate A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write server done A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 flush data
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 read client key exchange A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 read finished A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write change cipher spec A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write finished A
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 flush data
[02/Jun/2008 19:17:29][2972356608] {conn} SSL debug: id 0x279d1a0 SSL handshake done: SSL negotiation finished successfully
[02/Jun/2008 19:17:29][2972356608] {conn} Established secure server connection from 192.168.16.202:50475 to 192.168.16.202:443 using TLSv1/SSLv3 with cipher AES128-SHA, id 0x18b9e20
[02/Jun/2008 19:17:30][2972356608] {auth} Krb5: entering auth (user: rkovelman<_a.t_>test.COM)
[02/Jun/2008 19:17:30][2972356608] {auth} Krb5: get_init_creds_password(krbtgt/test.COM<_a.t_>test.COM, rkovelman<_a.t_>test.COM): Cannot resolve network address for KDC in requested realm, error code 0x96c73adc (-1765328164)
[02/Jun/2008 19:17:33][2972356608] {conn} SSL debug: id 0x279d1a0 SSL3 alert read:warning:close notify
[02/Jun/2008 19:17:33][2972356608] {conn} SSL debug: id 0x279d1a0 SSL3 alert write:warning:close notify
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL handshake started: before/accept initialization
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:before/accept initialization
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 read client hello A
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write server hello A
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write change cipher spec A
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 write finished A
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 flush data
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL_accept:SSLv3 read finished A
[02/Jun/2008 19:17:33][2971299840] {conn} SSL debug: id 0x279d1a0 SSL handshake done: SSL negotiation finished successfully
[02/Jun/2008 19:17:33][2971299840] {conn} Established secure server connection from 192.168.16.202:50480 to 192.168.16.202:443 using TLSv1/SSLv3 with cipher AES128-SHA, id 0x1835c20

[Updated on: Tue, 03 June 2008 01:38]

  •  
skeates

Messages: 104
Karma: 0
Send a private message to this user
Did you ever resolve this. I am experiencing the same issue on my mail server. LDAP is working and the server is configured correctly as it works on my offline back up server which I tested this on prior to trying to implement it on my live server.

I also have various other services in the office using the ldap with out any issues.
  •  
Lyle M

Messages: 410

Karma: 7
Send a private message to this user
skeates,

Make sure you have proper forward and reverse DNS entries for your Kerio server (must be FQDN).

Make sure all system clocks are set to the same time.

Make sure your Kerio server is properly bound to the domain (server admin & directory util).

If your mail server is OS X 10.5 or later, and it was cloned from another machine, you'll have to reset your LKDC.

Regards,
Lyle
  •  
Lyle M

Messages: 410

Karma: 7
Send a private message to this user
BTW, these are just the most common troubleshooting steps. For anything further you'll need to provide much greater detail on your configuration.
Previous Topic: Nickname Cache on Kerio Connect?
Next Topic: HTC Hero (Android) Email sync issue - missing first character of 'from' email address
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sat Nov 18 22:15:47 CET 2017

Total time taken to generate the page: 0.00444 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.