ldap binding timeout [SOLVED]

Hello everyone,

I am the administrator of 13 Windows domains and I need to let users communicate over a Jabber server that is "Active Directory friendly". I have trouble binding ejabberd server 14.07 to Active Directory 2008 R2, which uses LDAPS.

Well, it had been working for one and a half days; I could communicate across domains and everything was perfect. I was using the ejabberdctl live command for quick debugging. After starting it as a system service, binding is not working at all, even in "live mode". I receive many timeout messages in the logs:

2015-04-02 15:09:14.896 [debug] <0.2257.0>@eldap:handle_info:779 eldap. Unexpected Info: {timeout,#Ref<0.0.47.121025>,{timeout,bind_timeout}}
In state: connecting
when StateData is: {eldap,3,[<<"dc02.my.one-domain.com">>],<<"c02.my.one-domain.com">>,636,gen_tcp,none,[],undefined,<<"CN=ldap,OU=Service,DC=my,DC=one,DC=domain,DC=com">>,<<"secretpasword">>,22666,#Ref<0.0.47.128419>,{dict,0,16,16,8,80,48,{[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]},{{[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]}}},{[],[]}}
2015-04-02 15:09:14.896 [debug] <0.2255.0>@eldap:handle_info:779 eldap. Unexpected Info: {timeout,#Ref<0.0.47.121023>,{timeout,bind_timeout}}
In state: connecting
when StateData is: {eldap,3,[<<"dc02.my.one.domain.com">>],<<"dc02.my.one.domain.com">>,636,gen_tcp,none,[],undefined,<<"CN=ldap,OU=Service,DC=my,DC=one,DC=domain,DC=com">>,<<"secretpassword">>,22664,#Ref<0.0.47.128414>,{dict,0,16,16,8,80,48,{[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]},{{[],[],[],[],[],[],[],[],[],[],[],[],[],[],[],[]}}},{[],[]}}

The bind is never in state connected; it is always connecting or wait_bind_response.

My config:

"this.one.domain.cz":
  auth_method: ldap
  domain_certfile: "/etc/openldap/certs/msp-cer.pem"
  ldap_servers:
    - "dc01.my.one.domain.com"
    - "dc02.my.one.domain.com"
  ldap_uids:
    - "sAMAccountName"
  ldap_port: 636
  ldap_rootdn: "CN=ldap,OU=Service,DC=my,DC=one,DC=domain,DC=com"
  ldap_password: "secretpassword"
  ldap_base: "DC=my,DC=one,DC=domain,DC=com"
  ldap_filter: "(&(objectCategory=person)(objectClass=user)(memberOf=CN=jabber-group,OU=Groups,DC=my,DC=one,DC=domain,DC=com))"

When I do a manual ldapsearch, the reply is as it used to be. There is no firewall running on any side/server. All of them have the same behaviour.

Any idea what the problem is, please? Thanks!

Small update:

I've tried a couple of things that popped into my mind:

- disable ldap user account
- rename domain certificate file

And the result? Still the same, no change at all.
In State: wait_bind_response
In state: connecting

I double-checked permissions on the certificate and other files and everything is OK...
Any idea what's wrong?

Well, problem solved :)

My config:

"this.one.domain.cz":
  auth_method: ldap
  ldap_encrypt: tls
  ldap_tls_verify: false
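
The debug lines in the first post show the eldap state with port 636 next to gen_tcp and none, and the fix that resolved the thread was ldap_encrypt: tls. As an added example (not code from the thread or from ejabberd), this Python script pulls those fields out of such a line, flags that combination, and masks the bind password, which the debug dump prints in clear. The field order is an assumption read off the log on this page, and the sample line is constructed.

```python
import re

# Constructed sample, shaped like the eldap debug line quoted in the thread
# (hostnames and password are made up).
SAMPLE = (
    'when StateData is: {eldap,3,[<<"dc02.example.test">>],'
    '<<"dc02.example.test">>,636,gen_tcp,none,[],undefined,'
    '<<"CN=ldap,OU=Service,DC=example,DC=test">>,<<"constructed-secret">>,'
    '22666,#Ref<0.0.47.128419>,{dict,0,16,16,8,80,48}}'
)

# Assumed field order, read off that log line: version, host list, current
# host, port, socket module, TLS mode, TLS options, fd, bind DN, bind password.
STATE_RE = re.compile(
    r'\{eldap,(?P<version>\d+),\[(?P<hosts>[^\]]*)\],<<"(?P<host>[^"]*)">>,'
    r'(?P<port>\d+),(?P<sockmod>\w+),(?P<tls>\w+),\[[^\]]*\],[^,]+,'
    r'<<"(?P<rootdn>[^"]*)">>,<<"(?P<passwd>[^"]*)">>'
)

def parse_state(line):
    """Return the connection fields of an eldap StateData dump, or None."""
    m = STATE_RE.search(line)
    if m is None:
        return None
    state = m.groupdict()
    state["port"] = int(state["port"])
    return state

def findings(state):
    """Flag the mismatch visible in the thread: LDAPS port, plaintext socket."""
    notes = []
    if state["port"] == 636 and state["sockmod"] == "gen_tcp":
        notes.append("port 636 (LDAPS) reached over gen_tcp with tls=%s: "
                     "check ldap_encrypt" % state["tls"])
    return notes

def redact(line):
    """Mask the bind password so the log line can be shared."""
    m = STATE_RE.search(line)
    if m is None:
        return line
    start, end = m.span("passwd")
    return line[:start] + "REDACTED" + line[end:]

if __name__ == "__main__":
    for note in findings(parse_state(SAMPLE)):
        print(note)
    print(redact(SAMPLE))
```

The posted fix also sets ldap_tls_verify: false, which leaves the domain controller's certificate unverified; ejabberd's ldap_tls_verify: hard together with ldap_tls_cacertfile pointing at the issuing CA certificate turns the check on.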

Can you also help me set up my server?

I also have connection problems...

http://185.120.14.42:5280/admin

admin@localhost
admin

Can I reach you somewhere on IM?
