Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » AD logins fail
  •  
Alin Pastrama

Messages: 19
Karma: 0
Send a private message to this user
Hello.

I am running Kerio Connect 7.4.3 on an OSX 10.8 server. I import my users from a Microsoft Active Directory. The Kerio+AD setup has been in place for about a year now and has been running smoothly. During the past week I started having the following issue:

AD users fail to login to Kerio, both from their clients and from the web interface. Their AD credentials work on all other systems that we use. The two solutions to this that I have found to work are:

1. Remove the user from Kerio, then re-add it.
2. Reset the user's AD password.

Sometimes a combination of the two is necessary until the user is able to login to Kerio again.

Is this a known/common issue?

Note: This might not have anything to do with AD, as I do not have any local users to compare. However, I expect that such an issue would be well known and addressed by now if it were related strictly to Kerio, hence I suspect the AD integration.
  •  
Kedar

Messages: 1320
Karma: 48
Send a private message to this user
AFAIK there is no known issue.

Check all patches/updates on AD server and Mac OS X Server installed in last one or two weeks.

To see more about issue, you should enable modules "User Authentication" and "Directory Service Lookup" in debug log.

  •  
Alin Pastrama

Messages: 19
Karma: 0
Send a private message to this user
No updates have been installed on the Kerio server or the AD domain controller recently. I may have found the cause of the problem, though.

My AD domain is AD.COMPANY.COM.
My Kerberos realm is COMPANY.COM.

These have been configured accordingly in Kerio. However, it seems that the Kerberos realm at some point changed to AD.COMPANY.COM. I cannot find anything in the logs that would point to when, or why this change took place.

Now I have changed the settings back to what they should be. Let's see if the login issue still occurs, or if the Kerberos realm changes name again.

[Updated on: Fri, 23 November 2012 21:16]

Previous Topic: Negative TOTAL_SCORE in Junk Filter (getting too much spam)
Next Topic: v8 RC2 offline connector not working anyone else?
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Fri Sep 22 06:38:51 CEST 2017

Total time taken to generate the page: 0.00343 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.