[ZendTo] Authentication Error - The username or password was incorrect
Jules
Jules at Zend.To
Wed Jul 22 09:54:55 BST 2020
Also, google "phpmailer Could not connect to SMTP host" and you will
find lots of helpful articles.
BTW for 99% of users the Installer gets it all right first time. :-)
On 21/07/2020 20:55, Marlon Deerr wrote:
>
> Hey Jules,
>
> Here is a portion of what was displayed after my attempt to re-send
> the dropoff. It failed (obviously), but I’m not sure why it is.
>
> 2020-07-21 16:51:21 CLIENT -> SERVER: STARTTLS
>
> 2020-07-21 16:51:21 SERVER -> CLIENT: 220 2.0.0 SMTP server ready
>
> SMTP Error: Could not connect to SMTP host.
>
> 2020-07-21 16:51:21 CLIENT -> SERVER: QUIT
>
> 2020-07-21 16:51:21 SERVER -> CLIENT:
>
> 2020-07-21 16:51:21 SMTP ERROR: QUIT command failed:
>
> SMTP connect() failed. Sta
>
> *_What I have done to troubleshoot_*
>
> *__*
>
> 1.Tried setting the SMTP port within preferences to 25, 465 & 587 –
> failed on each re-send
>
> 2.Opened a PowerShell prompt opened a telnet session to our mail
> server (on port 25) – success
>
> 3.Sent a simple email from myself to myself – success (my Outlook
> client received it right away)
>
> 4.Sent another simple test email but this time from another email
> address to myself - success
>
> This tells me that technically I can connect to the server and send
> emails. Not sure why ZendTo is failing to connect.
>
>
> Marlon Deerr, Technology Manager
> 416-572-8795(direct) | MDeerr at hshlawyers.com
> <mailto:MDeerr at hshlawyers.com>
> <https://www.hshlawyers.com>
> <https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/>
> <https://twitter.com/hshlawyers>
> <https://www.facebook.com/HSHPersonalInjuryLawyers/>
> <https://www.youtube.com/user/hshlawyers> 3500 - 20 Queen St. W.,
> Toronto, ON M5H 3R3
> Fax: 416-361-0083 | Toll Free: 877-474-5997 | www.hshlawyers.com
> <https://www.hshlawyers.com>
>
>
> This Howie Sacks & Henry e-mail is privileged, confidential and
> subject to copyright. Any unauthorized use or disclosure is prohibited.
>
>
>
> *From:* Jules [mailto:Jules at Zend.To]
> *Sent:* Tuesday, July 21, 2020 7:41 AM
> *To:* Marlon Deerr <MDeerr at hshlawyers.com>
> *Subject:* Re: [ZendTo] Authentication Error - The username or
> password was incorrect
>
> On 21/07/2020 12:32, Marlon Deerr wrote:
>
> You did the trick Jules. Removing “ldaps://” <ldaps://”> from
> hostname of the authLDAPSServers1 value worked. I thought that it
> was supposed to be there so I never even thought to remove that.
>
> Yay! You need to add the ldaps:// <ldaps://> when you are encrypting
> all the traffic to your AD server. Which you're not. In which case it
> just wants the hostname and nothing else.
>
>
> Now I just need to work on getting SMTP working. I was working on
> one problem at a time.
>
> There's a slightly curious but effective way of debugging this setup...
> Send yourself (or a test account) a drop-off.
> Through your ZendTo Outbox, view the drop-off.
> Edit preferences.php to set
> 'SMTPdebug' => true,
> (it's normally set to false, it will be near the bottom of the SMTP
> settings in preferences.php).
> Click on the "Resend Dropoff" button on the web page.
> You will see the entire SMTP conversation happen on the web page output.
> It often only stays there for a few seconds, so you might want to be
> ready with whatever keys you need to take a screenshot!
>
> Fix the problems and get the "Resend Dropoff" debug output looking
> right. You should see some "OK" type messages.
>
> Then reset
> 'SMTPdebug' => false,
> before trying anything else, such as creating a new drop-off.
> Having that 'SMTPdebug'set to true will break the new drop-off process.
>
> It's usually fairly straightforward to fix. Feel free to send me a
> screenshot or two if you can't see what's wrong (I've had 30 years
> experience running enterprise email systems, so what's easy/obvious to
> me may well not be to you. Sorry about that!).
>
> Cheers,
> Jules.
>
>
>
>
> Thanks so much for your assistance.
>
> *Marlon Deerr*, *Technology Manager*
> 416-572-8795(direct)| MDeerr at hshlawyers.com
> <mailto:MDeerr at hshlawyers.com>
> <https://www.hshlawyers.com>
>
> <https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/>
> <https://twitter.com/hshlawyers>
> <https://www.facebook.com/HSHPersonalInjuryLawyers/>
> <https://www.youtube.com/user/hshlawyers>
>
>
>
> 3500 - 20 Queen St. W., Toronto, ON M5H 3R3
> Fax: 416-361-0083 | Toll Free: 877-474-5997| www.hshlawyers.com
> <https://www.hshlawyers.com>
>
> This Howie Sacks & Henry e-mail is privileged, confidential and
> subject to copyright. Any unauthorized use or disclosure is
> prohibited.
>
> *From:* Jules [mailto:Jules at Zend.To <mailto:Jules at Zend.To>]
> *Sent:* Tuesday, July 21, 2020 4:02 AM
> *To:* Marlon Deerr <MDeerr at hshlawyers.com>
> <mailto:MDeerr at hshlawyers.com>
> *Subject:* Re: [ZendTo] Authentication Error - The username or
> password was incorrect
>
> Marlon,
>
> Try changing this setting to the one below:
> 'authLDAPServers1' => array('hsh-dc.hsh.local'),
> What I've done is remove the "ldaps://" <ldaps://> from the
> hostname of the authLDAPServers1 value.
>
> If that doesn't fix it, can you send me the exact ldapsearch
> command you used that worked?
>
> Cheers,
> Jules.
>
>
> On 20/07/2020 20:52, Marlon Deerr wrote:
>
> Hello Jules,
>
> Thank you for following up on this issue I’m experiencing. To
> answer your question, yes, I meant to refer to my AD server
> not DNS. As for the ldapsearch utility, yes I am able to
> successfully show my details when I insert the correct values
> in the command. Also, as requested, I have copy/pasted the
> LDAP section of my preferences.php file for you to take a look at.
>
> Hopefully, you see something I’m missing.
>
> *Marlon Deerr*, *Technology Manager*
> 416-572-8795(direct)| MDeerr at hshlawyers.com
> <mailto:MDeerr at hshlawyers.com>
> <https://www.hshlawyers.com>
>
> <https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/>
> <https://twitter.com/hshlawyers>
> <https://www.facebook.com/HSHPersonalInjuryLawyers/>
> <https://www.youtube.com/user/hshlawyers>
>
>
>
> 3500 - 20 Queen St. W., Toronto, ON M5H 3R3
> Fax: 416-361-0083 | Toll Free: 877-474-5997|
> www.hshlawyers.com <https://www.hshlawyers.com>
>
> This Howie Sacks & Henry e-mail is privileged, confidential
> and subject to copyright. Any unauthorized use or disclosure
> is prohibited.
>
> *From:* Jules [mailto:Jules at Zend.To <mailto:Jules at Zend.To>]
> *Sent:* Saturday, July 18, 2020 8:03 AM
> *To:* Marlon Deerr <MDeerr at hshlawyers.com>
> <mailto:MDeerr at hshlawyers.com>
> *Subject:* Re: [ZendTo] Authentication Error - The username or
> password was incorrect
>
> Marlon,
>
> On 17/07/2020 22:54, Marlon Deerr wrote:
>
> Jules,
>
> No, I didn’t type in < and > characters. I only did that
> to not show real usernames on my end. So to be clear, no
> I did not type in those characters as part of the username
> when using the /opt/zendto/bin/adduser command. As for
> certificates, I’m not sure as our DNS server
>
> I assume you mean your AD server, not your DNS server. DNS
> should have no impact on this at all.
>
>
>
>
> is actually managed by our MSP. With that said, when I do
> run the openssl command, I get the below output.
>
> That looks like they're not running any encryption on your AD
> traffic. Okay, but Microsoft are going to mandate encryption
> on AD traffic very soon. But in the mean time, you should be
> okay using it unencrypted.
>
> On zend.to/activedirectory, read section 2 and there is an
> ldapsearch command. Replacing the necessary bits of that, can
> you get it to show you your details?
>
> If you can send me your AD settings from preferences.php (all
> the LDAP settings whose names end in 1, 2 or 3), I can take a
> look and suggest an ldapsearch command that should work if
> your settings are correct.
>
>
>
>
> As for the log file at /var/log/zendto/zendto.log, if it
> says Warning: authorization failed for username, does that
> mean it wasn’t able to read from our AD Server. Not sure
> how to interpret that because before I ran the upgrade
> command after applying the latest patch, it seemed as
> though it was able to read from AD. Now I’m not sure
> what’s going on.
>
> It probably did manage to connect to your AD server, but
> couldn't get any further.
>
>
>
>
> _Output for _*_openssl s_client -connect
> your-ad-server.company.com:636_*
>
> From this output, it looks like you're running AD unencrypted.
>
> Cheers,
> Jules.
>
>
>
>
> CONNECTED(00000003)
>
> write:errno=104
>
> ---
>
> no peer certificate available
>
> ---
>
> No client certificate CA names sent
>
> ---
>
> SSL handshake has read 0 bytes and written 283 bytes
>
> Verification: OK
>
> ---
>
> New, (NONE), Cipher is (NONE)
>
> Secure Renegotiation IS NOT supported
>
> Compression: NONE
>
> Expansion: NONE
>
> No ALPN negotiated
>
> Early data was not sent
>
> Verify return code: 0 (ok)
>
> *Marlon Deerr*, *Technology Manager*
> 416-572-8795(direct)| MDeerr at hshlawyers.com
> <mailto:MDeerr at hshlawyers.com>
> <https://www.hshlawyers.com>
>
> <https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/>
> <https://twitter.com/hshlawyers>
> <https://www.facebook.com/HSHPersonalInjuryLawyers/>
> <https://www.youtube.com/user/hshlawyers>
>
>
>
> 3500 - 20 Queen St. W., Toronto, ON M5H 3R3
> Fax: 416-361-0083 | Toll Free: 877-474-5997|
> www.hshlawyers.com <https://www.hshlawyers.com>
>
> This Howie Sacks & Henry e-mail is privileged,
> confidential and subject to copyright. Any unauthorized
> use or disclosure is prohibited.
>
> *From:* Jules [mailto:Jules at Zend.To <mailto:Jules at Zend.To>]
> *Sent:* Wednesday, July 15, 2020 12:35 PM
> *To:* Marlon Deerr <MDeerr at hshlawyers.com>
> <mailto:MDeerr at hshlawyers.com>; ZendTo Users
> <zendto at zend.to> <mailto:zendto at zend.to>
> *Subject:* Re: [ZendTo] Authentication Error - The
> username or password was incorrect
>
> Are you actually seeing the < and > characters?
> You didn't actually type those into the
> /opt/zendto/bin/adduser command, did you?
>
> Have a read of the AD troubleshooting steps on
> zend.to/activedirectory
>
> Do you know if you're running with a locally-signed
> certificate on your AD servers?
>
> Assuming you have the hostname and port number (636
> usually) of your AD server, try
> *openssl s_client -connect your-ad-server.company.com:636*
>
> That will show you the initial SSL/TLS handshake involving
> all the certificates.
> You'll need to Ctrl-C it at the end, but what it prints
> out should be very useful so you can see exactly what is
> using which certs.
>
> Hope that helps,
> Jules.
>
> On 15/07/2020 16:50, Marlon Deerr wrote:
>
> OK, my user seems to be unlocked now but now I am
> getting the following errors below. I must be missing
> something else in my setup:
>
> Warning: admin authorization failed for <username1>
>
> And for other users I still get the following error:
>
> Warning: authorization failed for <username2>
>
> Note: I believe I added <username1> as an admin.
>
> *Marlon Deerr*, *Technology Manager*
> 416-572-8795(direct)| MDeerr at hshlawyers.com
> <mailto:MDeerr at hshlawyers.com>
> <https://www.hshlawyers.com>
>
> <https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/>
> <https://twitter.com/hshlawyers>
> <https://www.facebook.com/HSHPersonalInjuryLawyers/>
> <https://www.youtube.com/user/hshlawyers>
>
>
>
> 3500 - 20 Queen St. W., Toronto, ON M5H 3R3
> Fax: 416-361-0083 | Toll Free: 877-474-5997|
> www.hshlawyers.com <https://www.hshlawyers.com>
>
> This Howie Sacks & Henry e-mail is privileged,
> confidential and subject to copyright. Any
> unauthorized use or disclosure is prohibited.
>
> *From:* Jules [mailto:Jules at Zend.To
> <mailto:Jules at Zend.To>]
> *Sent:* Wednesday, July 15, 2020 7:09 AM
> *To:* ZendTo Users <zendto at zend.to>
> <mailto:zendto at zend.to>
> *Cc:* Marlon Deerr <MDeerr at hshlawyers.com>
> <mailto:MDeerr at hshlawyers.com>
> *Subject:* Re: [ZendTo] Authentication Error - The
> username or password was incorrect
>
> Marlon,
>
> The crucial bit in the log is the "locked-out user" bit.
>
> ZendTo has a security feature in it to stop it being
> used as a method of brute-force attacking your
> accounts from outside.
> If the same user has several failed logins in a row,
> that user is locked out for the next 24 hours by default.
>
> If you can login as an admin user, one of the extra
> admin red buttons shows you the locked out users and
> lets you reset them.
>
> Alternatively, you can unlock all locked users from
> the command line with
> /opt/zendto/bin/unlockuser -a
>
> Cheers,
> Jules.
>
> On 14/07/2020 18:45, Marlon Deerr via ZendTo wrote:
>
> Ok, so I think I finally (or almost finally) got
> my AD authentication settings correct. I have
> installed the ldapsearch utility to confirm that
> I’m able to successful search the OU where my
> users reside, however when I attempt to log in
> with a valid user, ZendTo keeps erroring with:
>
> Authentication Error
>
> The username or password was incorrect
>
> I checked the /var/log/zendto/zendto.log and it
> says the following:
>
> “….Warning: authorization attempt for locked-out
> user <username1>
>
> Then when I try logging in as another user, I see
> the following in the log
>
> “…Warning: authorization failed for <username2>
>
> I know that I have both username/password correct
> so I must be missing something. Anyone know what
> setting I may have applied incorrectly?
>
>
>
>
>
>
>
> _______________________________________________
>
> ZendTo mailing list
>
> ZendTo at zend.to <mailto:ZendTo at zend.to>
>
> http://jul.es/mailman/listinfo/zendto <http://jul.es/mailman/listinfo/zendto>
>
>
>
>
>
>
>
> Jules
>
>
>
> --
>
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
>
>
> 'When a man points a finger at someone else, he should remember
>
> that four of his fingers are pointing at himself.' - Louis Nizer
>
>
>
> www.Zend.To <http://www.Zend.To>
>
> Twitter: @JulesFM
>
>
>
>
>
>
> Jules
>
>
>
> --
>
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
>
>
> 'There is silent poetry in the stillness of morning;
>
> in the calm, the cries & sighs of life sound like gentle music.'
>
> - @Astro_Wheels
>
>
>
> www.Zend.To <http://www.Zend.To>
>
> Twitter: @JulesFM
>
>
>
>
>
> Jules
>
>
>
> --
>
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
>
>
> The current UK shipping forecast:
>
> South Utsire, Forties: Southwesterly veering westerly 3 or 4. Mainly moderate.
>
> Rain at first. Moderate or poor, becoming good.
>
>
>
> www.Zend.To <http://www.Zend.To>
>
> Twitter: @JulesFM
>
>
>
>
> Jules
>
>
>
> --
>
> Julian Field MEng CEng CITP MBCS MIEEE MACM
>
>
>
> 'Every morning when I wake,
>
> Dear Lord, a little prayer I make,
>
> O please do keep Thy lovely eye
>
> On all poor creatures born to die
>
>
>
> And every evening at sun-down
>
> I ask a blessing on the town,
>
> For whether we last the night or no
>
> I'm sure is always touch-and-go.
>
>
>
> We are not wholly bad or good
>
> Who live our lives under Milk Wood,
>
> And Thou, I know, wilt be the first
>
> To see our best side, not our worst.
>
>
>
> O let us see another day!
>
> Bless us all this night, I pray,
>
> And to the sun we all will bow
>
> And say, good-bye - but just for now!'
>
> - Dylan Thomas
>
>
>
> www.Zend.To <http://www.Zend.To>
>
> Twitter: @JulesFM
>
>
>
> Jules
> --
> Julian Field MEng CEng CITP MBCS MIEEE MACM
> 'All programs have a desire to be useful' - Tron, 1982
> www.Zend.To <http://www.Zend.To>
> Twitter: @JulesFM
Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
'There is one thing stronger than all the armies in the world;
and that is an idea whose time has come.'
www.Zend.To
Twitter: @JulesFM
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: imagee5148c.JPG
Type: image/jpeg
Size: 125353 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0005.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image68fc40.JPG
Type: image/jpeg
Size: 7976 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0006.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image1bceaa.JPG
Type: image/jpeg
Size: 7843 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0007.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image9de8c6.JPG
Type: image/jpeg
Size: 7268 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0008.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image163859.JPG
Type: image/jpeg
Size: 7059 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0009.jpe>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 12435 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0010.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.jpg
Type: image/jpeg
Size: 777 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0011.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image006.jpg
Type: image/jpeg
Size: 768 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0012.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.jpg
Type: image/jpeg
Size: 756 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0013.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.jpg
Type: image/jpeg
Size: 752 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0014.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image011.jpg
Type: image/jpeg
Size: 12435 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0015.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image012.jpg
Type: image/jpeg
Size: 777 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0016.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image013.jpg
Type: image/jpeg
Size: 768 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0017.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image014.jpg
Type: image/jpeg
Size: 756 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0018.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image015.jpg
Type: image/jpeg
Size: 752 bytes
Desc: not available
URL: <http://jul.es/pipermail/zendto/attachments/20200722/7e25eede/attachment-0019.jpg>
More information about the ZendTo
mailing list