<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
Marlon,<br>
<br>
<div class="moz-cite-prefix">On 21/07/2020 20:55, Marlon Deerr
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:WM!11370fd31152423eaca59e89a406c04ecc88cd65b6cbcefed9fd92f7517ac1e1377a53b47411da75c27005e443580e90!@mx.jul.es"><!-- Template generated by Exclaimer Signature Manager Exchange Edition on 03:55:11 Tuesday, 21 July 2020 -->
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<style type="text/css">P.ImprintUniqueID {
MARGIN: 0cm 0cm 0pt
}
LI.ImprintUniqueID {
MARGIN: 0cm 0cm 0pt
}
DIV.ImprintUniqueID {
MARGIN: 0cm 0cm 0pt
}
TABLE.ImprintUniqueIDTable {
MARGIN: 0cm 0cm 0pt
}
DIV.Section1 {
page: Section1
}</style>
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \,serif";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
tt
{mso-style-priority:99;
font-family:"Courier New";}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
p.imprintuniqueid, li.imprintuniqueid, div.imprintuniqueid
{mso-style-name:imprintuniqueid;
margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Consolas;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle25
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:#1F497D;}
span.EmailStyle26
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}mso-level-number-format:roman-lower;
mso-level-tab-stop:none;
mso-level-number-position:right;
text-indent:-9.0pt;}
ol
{margin-bottom:0in;}
ul
{margin-bottom:0in;}</style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D">Hey Jules,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">Here is a
portion of what was displayed after my attempt to re-send
the dropoff. It failed (obviously), but I’m not sure why it
is.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">2020-07-21
16:51:21 CLIENT -> SERVER: STARTTLS<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">2020-07-21
16:51:21 SERVER -> CLIENT: 220 2.0.0 SMTP server ready<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">SMTP Error:
Could not connect to SMTP host.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">2020-07-21
16:51:21 CLIENT -> SERVER: QUIT<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">2020-07-21
16:51:21 SERVER -> CLIENT:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">2020-07-21
16:51:21 SMTP ERROR: QUIT command failed:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">SMTP connect()
failed. Sta</span></p>
</div>
</blockquote>
You are doing TLS encryption over the connection (well, trying to).
The TLS handshake is failing.<br>
Set the port number to 25 (as you did with your telnet session), and
switch off any encryption and switch off the username/password as
well, all in preferences.php.<br>
<br>
Basically set it as simply as you can, using no more than what you
gave the telnet session.<br>
<br>
<blockquote type="cite"
cite="mid:WM!11370fd31152423eaca59e89a406c04ecc88cd65b6cbcefed9fd92f7517ac1e1377a53b47411da75c27005e443580e90!@mx.jul.es">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><u><span style="color:#1F497D">What I
have done to troubleshoot<o:p></o:p></span></u></b></p>
<p class="MsoNormal"><b><u><span style="color:#1F497D"><o:p><span
style="text-decoration:none"> </span></o:p></span></u></b></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span
style="color:#1F497D"><span style="mso-list:Ignore">1.<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">Tried setting the SMTP port within
preferences to 25, 465 & 587 – failed on each re-send</span></p>
</div>
</blockquote>
<blockquote type="cite"
cite="mid:WM!11370fd31152423eaca59e89a406c04ecc88cd65b6cbcefed9fd92f7517ac1e1377a53b47411da75c27005e443580e90!@mx.jul.es">
<div class="WordSection1">
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><span
style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span
style="color:#1F497D"><span style="mso-list:Ignore">2.<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">Opened a PowerShell prompt opened a
telnet session to our mail server (on port 25) – success<o:p></o:p></span></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span
style="color:#1F497D"><span style="mso-list:Ignore">3.<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">Sent a simple email from myself to
myself – success (my Outlook client received it right away)<o:p></o:p></span></p>
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><!--[if !supportLists]--><span
style="color:#1F497D"><span style="mso-list:Ignore">4.<span
style="font:7.0pt "Times New Roman"">
</span></span></span><!--[endif]--><span
style="color:#1F497D">Sent another simple test email but
this time from another email address to myself - success</span></p>
</div>
</blockquote>
Check that you can send an email from yourself to someone outside
your organization, too.<br>
<br>
<blockquote type="cite"
cite="mid:WM!11370fd31152423eaca59e89a406c04ecc88cd65b6cbcefed9fd92f7517ac1e1377a53b47411da75c27005e443580e90!@mx.jul.es">
<div class="WordSection1">
<p class="MsoListParagraph"
style="text-indent:-.25in;mso-list:l0 level1 lfo1"><span
style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D">This tells me
that technically I can connect to the server and send
emails. Not sure why ZendTo is failing to connect.</span></p>
</div>
</blockquote>
<blockquote type="cite"
cite="mid:WM!11370fd31152423eaca59e89a406c04ecc88cd65b6cbcefed9fd92f7517ac1e1377a53b47411da75c27005e443580e90!@mx.jul.es">
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D"><o:p> </o:p></span></p>
</div>
<br>
<p class="ImprintUniqueID"><font
style="font-family:Helvetica;font-size:9pt;color:#17365D;font-weight:bold;font-style:normal;">Marlon
Deerr</font>,
<font
style="font-family:Helvetica;font-size:9pt;color:#17365D;font-weight:bold;font-style:normal;">Technology
Manager</font><br>
<font style="font-family:Helvetica;font-size:9pt;color:#17365D;">416-572-8795</font><font
color="#17365d"> <font size="2" face="Helvetica">(direct)</font>
|</font>
<span style="font-family:Helvetica;font-size:9pt;"><a
href="mailto:MDeerr@hshlawyers.com" title="Click to send
email to Marlon Deerr" target=""
style="font-family:Helvetica;font-size:9pt;"
moz-do-not-send="true"><span style="font-family:Helvetica;
font-size:9pt;">MDeerr@hshlawyers.com</span></a></span><br>
<a href="https://www.hshlawyers.com" target=""
moz-do-not-send="true"><img style="border: 0px Solid ; "
src="cid:part2.6784B2B9.20CC1AAB@Zend.To" class=""
width="624" height="82"></a>
<table class="ImprintUniqueIDTable" style="HEIGHT: 17px; WIDTH:
80.83%; BORDER-COLLAPSE: collapse" cellspacing="0"
cellpadding="0" border="0">
<tbody>
<tr>
<td style="HEIGHT: 27px; WIDTH: 115px"><a
href="https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/"
target="" moz-do-not-send="true"><img style="border:
0px Solid ; "
src="cid:part4.FFDD80A4.95149C32@Zend.To" class=""
width="24" height="23"></a> <a
href="https://twitter.com/hshlawyers" target=""
moz-do-not-send="true"><img style="border: 0px Solid ;
" src="cid:part6.D4CC08ED.F735CAE2@Zend.To" class=""
width="24" height="23"></a> <a
href="https://www.facebook.com/HSHPersonalInjuryLawyers/"
target="" moz-do-not-send="true"><img style="border:
0px Solid ; "
src="cid:part8.D4F16200.E0D95658@Zend.To" class=""
width="24" height="23"></a> <a
href="https://www.youtube.com/user/hshlawyers"
target="" moz-do-not-send="true"><img style="border:
0px Solid ; "
src="cid:part10.6A7B8060.9C49F4A7@Zend.To" class=""
width="24" height="23"></a></td>
<td style="WIDTH: 471px"><font size="2" face="Helvetica"
color="#002060">3500 - 20 Queen St. W., Toronto, ON
M5H 3R3<br>
</font><font size="2"><font face="Helvetica"><font
color="#002060">Fax: 416-361-0083 | Toll Free:
877-474-5997</font> |
</font></font><span
style="font-family:Helvetica;font-size:10pt;"><a
href="https://www.hshlawyers.com" title="" target=""
style="font-family:Helvetica;font-size:10pt;"
moz-do-not-send="true"><span
style="font-family:Helvetica; font-size:10pt;">www.hshlawyers.com</span></a></span></td>
</tr>
</tbody>
</table>
<br>
</p>
<p class="ImprintUniqueID" style="FONT-SIZE: 9pt; FONT-FAMILY:
Helvetica; FONT-STYLE: normal">
<table class="ImprintUniqueIDTable" style="WIDTH: 100%;
BORDER-COLLAPSE: collapse" cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td><font size="1" face="Helvetica" color="#3f3f3f">This
Howie Sacks & Henry e-mail is privileged,
confidential and subject to copyright. Any
unauthorized use or disclosure is prohibited.</font></td>
</tr>
</tbody>
</table>
<br>
<br>
</p>
<div class="WordSection1">
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Jules
[<a class="moz-txt-link-freetext" href="mailto:Jules@Zend.To">mailto:Jules@Zend.To</a>] <br>
<b>Sent:</b> Tuesday, July 21, 2020 7:41 AM<br>
<b>To:</b> Marlon Deerr <a class="moz-txt-link-rfc2396E" href="mailto:MDeerr@hshlawyers.com"><MDeerr@hshlawyers.com></a><br>
<b>Subject:</b> Re: [ZendTo] Authentication Error - The
username or password was incorrect<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:12.0pt"><o:p> </o:p></span></p>
<div>
<p class="MsoNormal">On 21/07/2020 12:32, Marlon Deerr wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">You did the
trick Jules. Removing “<a href="ldaps://”"
moz-do-not-send="true">ldaps://”</a> from hostname of
the authLDAPSServers1 value worked. I thought that it was
supposed to be there so I never even thought to remove
that.</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">Yay! You need to add the
<a href="ldaps://" moz-do-not-send="true">ldaps://</a> when
you are encrypting all the traffic to your AD server. Which
you're not. In which case it just wants the hostname and
nothing else.<br>
<br>
<br>
<o:p></o:p></span></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Now I just
need to work on getting SMTP working. I was working on one
problem at a time.</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">There's a slightly curious but effective
way of debugging this setup...<br>
Send yourself (or a test account) a drop-off.<br>
Through your ZendTo Outbox, view the drop-off.<br>
Edit preferences.php to set<br>
</span><tt><span style="font-size:10.0pt"> 'SMTPdebug'
=> true,</span></tt><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
(it's normally set to false, it will be near the bottom of
the SMTP settings in preferences.php).<br>
Click on the "Resend Dropoff" button on the web page.<br>
You will see the entire SMTP conversation happen on the web
page output.<br>
It often only stays there for a few seconds, so you might
want to be ready with whatever keys you need to take a
screenshot!<br>
<br>
Fix the problems and get the "Resend Dropoff" debug output
looking right. You should see some "OK" type messages.<br>
<br>
Then reset<br>
</span><tt><span style="font-size:10.0pt"> 'SMTPdebug'
=> false,</span></tt><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
before trying anything else, such as creating a new
drop-off.<br>
Having that </span><tt><span style="font-size:10.0pt">'SMTPdebug'</span></tt><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"> set to true will break the new drop-off
process.<br>
<br>
It's usually fairly straightforward to fix. Feel free to
send me a screenshot or two if you can't see what's wrong
(I've had 30 years experience running enterprise email
systems, so what's easy/obvious to me may well not be to
you. Sorry about that!).<br>
<br>
Cheers,<br>
Jules.<br>
<br>
<br>
<br>
<br>
<o:p></o:p></span></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Thanks so
much for your assistance.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><o:p> </o:p></span></p>
<p class="imprintuniqueid"><b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Marlon
Deerr</span></b>,
<b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Technology
Manager</span></b><br>
<span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">416-572-8795</span><span
style="color:#17365D"> </span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#17365D">(direct)</span><span
style="color:#17365D"> |</span> <span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><a
href="mailto:MDeerr@hshlawyers.com" title="Click to send
email to Marlon Deerr" moz-do-not-send="true">MDeerr@hshlawyers.com</a></span><br>
<a href="https://www.hshlawyers.com" moz-do-not-send="true"><span
style="text-decoration:none"><img id="_x0000_i1025"
src="cid:part16.43CE161D.69FBA996@Zend.To" class=""
width="624" height="82" border="0"></span></a>
<o:p></o:p></p>
<table class="MsoNormalTable"
style="width:80.82%;border-collapse:collapse" width="80%"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:20.25pt">
<td style="width:86.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="115">
<p class="MsoNormal"><a
href="https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1026"
src="cid:part18.528525D0.6C7B57FF@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://twitter.com/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1027"
src="cid:part20.AD6C6640.BFDBD761@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.facebook.com/HSHPersonalInjuryLawyers/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1028"
src="cid:part22.A7F8494C.1071F872@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.youtube.com/user/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1029"
src="cid:part24.BFBBFAE3.48D1A489@Zend.To"
class="" width="24" height="23" border="0"></span></a><span
style="font-size:12.0pt;font-family:"Times
New Roman",serif"><o:p></o:p></span></p>
</td>
<td style="width:353.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="458">
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#002060">3500
- 20 Queen St. W., Toronto, ON M5H 3R3<br>
Fax: 416-361-0083 | Toll Free: 877-474-5997</span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif"> |
<a href="https://www.hshlawyers.com" title=""
moz-do-not-send="true">www.hshlawyers.com</a></span><span
style="font-size:12.0pt;font-family:"Times
New Roman",serif"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid"><o:p> </o:p></p>
<table class="MsoNormalTable"
style="width:100.0%;border-collapse:collapse" width="100%"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#3F3F3F">This
Howie Sacks & Henry e-mail is privileged,
confidential and subject to copyright. Any
unauthorized use or disclosure is prohibited.</span><span
style="font-size:12.0pt;font-family:"Times
New Roman",serif"><o:p></o:p></span></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid" style="margin-bottom:12.0pt"><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> <o:p></o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Jules [<a
href="mailto:Jules@Zend.To" moz-do-not-send="true">mailto:Jules@Zend.To</a>]
<br>
<b>Sent:</b> Tuesday, July 21, 2020 4:02 AM<br>
<b>To:</b> Marlon Deerr <a
href="mailto:MDeerr@hshlawyers.com"
moz-do-not-send="true"><MDeerr@hshlawyers.com></a><br>
<b>Subject:</b> Re: [ZendTo] Authentication Error - The
username or password was incorrect<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">Marlon,<br>
<br>
Try changing this setting to the one below:<br>
<tt><span style="font-size:10.0pt">
'authLDAPServers1' =>
array('hsh-dc.hsh.local'),</span></tt><br>
What I've done is remove the <a href="ldaps://"
moz-do-not-send="true">"ldaps://"</a> from the hostname of
the authLDAPServers1 value.<br>
<br>
If that doesn't fix it, can you send me the exact <tt><span
style="font-size:10.0pt">ldapsearch</span></tt> command
you used that worked?<br>
<br>
Cheers,<br>
Jules.<br>
<br>
<br>
<o:p></o:p></p>
<div>
<p class="MsoNormal">On 20/07/2020 20:52, Marlon Deerr
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">Hello
Jules,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Thank you
for following up on this issue I’m experiencing. To
answer your question, yes, I meant to refer to my AD
server not DNS. As for the ldapsearch utility, yes I am
able to successfully show my details when I insert the
correct values in the command. Also, as requested, I
have copy/pasted the LDAP section of my preferences.php
file for you to take a look at.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Hopefully,
you see something I’m missing.
</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman ,serif",serif"> </span><o:p></o:p></p>
<p class="imprintuniqueid"><b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Marlon
Deerr</span></b>,
<b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Technology
Manager</span></b><br>
<span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">416-572-8795</span><span
style="color:#17365D"> </span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#17365D">(direct)</span><span
style="color:#17365D"> |</span> <span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><a
href="mailto:MDeerr@hshlawyers.com" title="Click to
send email to Marlon Deerr" moz-do-not-send="true">MDeerr@hshlawyers.com</a></span><br>
<a href="https://www.hshlawyers.com"
moz-do-not-send="true"><span
style="text-decoration:none"><img id="_x0000_i1030"
src="cid:part31.8E0031BD.C27EEBE9@Zend.To" class=""
width="624" height="82" border="0"></span></a>
<o:p></o:p></p>
<table class="MsoNormalTable"
style="width:80.82%;border-collapse:collapse" width="80%"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:20.25pt">
<td style="width:86.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="115">
<p class="MsoNormal"><a
href="https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1031"
src="cid:part33.62DDC27E.C59D1892@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://twitter.com/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1032"
src="cid:part35.F24437E7.7BD891B6@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.facebook.com/HSHPersonalInjuryLawyers/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1033"
src="cid:part37.5D1D4EE7.66A2A0C7@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.youtube.com/user/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1034"
src="cid:part39.0264CA2B.FF746776@Zend.To"
class="" width="24" height="23" border="0"></span></a><o:p></o:p></p>
</td>
<td style="width:353.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="458">
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#002060">3500
- 20 Queen St. W., Toronto, ON M5H 3R3<br>
Fax: 416-361-0083 | Toll Free: 877-474-5997</span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif"> |
<a href="https://www.hshlawyers.com" title=""
moz-do-not-send="true">www.hshlawyers.com</a></span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid"> <o:p></o:p></p>
<table class="MsoNormalTable"
style="width:100.0%;border-collapse:collapse" width="100%"
cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#3F3F3F">This
Howie Sacks & Henry e-mail is privileged,
confidential and subject to copyright. Any
unauthorized use or disclosure is prohibited.</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid" style="margin-bottom:12.0pt"><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Jules [<a
href="mailto:Jules@Zend.To" moz-do-not-send="true">mailto:Jules@Zend.To</a>]
<br>
<b>Sent:</b> Saturday, July 18, 2020 8:03 AM<br>
<b>To:</b> Marlon Deerr <a
href="mailto:MDeerr@hshlawyers.com"
moz-do-not-send="true"><MDeerr@hshlawyers.com></a><br>
<b>Subject:</b> Re: [ZendTo] Authentication Error -
The username or password was incorrect<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">Marlon,<o:p></o:p></p>
<div>
<p class="MsoNormal">On 17/07/2020 22:54, Marlon Deerr
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">Jules,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">No, I
didn’t type in < and > characters. I only did
that to not show real usernames on my end. So to be
clear, no I did not type in those characters as part
of the username when using the /opt/zendto/bin/adduser
command. As for certificates, I’m not sure as our DNS
server</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">I assume you mean your AD server, not
your DNS server. DNS should have no impact on this at
all.<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">is
actually managed by our MSP. With that said, when I do
run the openssl command, I get the below output.
</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">That looks like they're not running
any encryption on your AD traffic. Okay, but Microsoft
are going to mandate encryption on AD traffic very soon.
But in the mean time, you should be okay using it
unencrypted.<br>
<br>
On zend.to/activedirectory, read section 2 and there is
an ldapsearch command. Replacing the necessary bits of
that, can you get it to show you your details?<br>
<br>
If you can send me your AD settings from preferences.php
(all the LDAP settings whose names end in 1, 2 or 3), I
can take a look and suggest an ldapsearch command that
should work if your settings are correct.<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">As for
the log file at /var/log/zendto/zendto.log, if it says
Warning: authorization failed for username, does that
mean it wasn’t able to read from our AD Server. Not
sure how to interpret that because before I ran the
upgrade command after applying the latest patch, it
seemed as though it was able to read from AD. Now I’m
not sure what’s going on.</span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">It probably did manage to connect to
your AD server, but couldn't get any further.<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><u><span style="color:#1F497D">Output
for </span></u><tt><b><u><span
style="font-size:10.0pt">openssl s_client
-connect your-ad-server.company.com:636</span></u></b></tt><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif">From this output, it looks like
you're running AD unencrypted.<br>
<br>
Cheers,<br>
Jules.<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">CONNECTED(00000003)</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">write:errno=104</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">---</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">no peer
certificate available</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">---</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">No client
certificate CA names sent</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">---</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">SSL
handshake has read 0 bytes and written 283 bytes</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Verification:
OK</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">---</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">New,
(NONE), Cipher is (NONE)</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Secure
Renegotiation IS NOT supported</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Compression:
NONE</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Expansion:
NONE</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">No ALPN
negotiated</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Early
data was not sent</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Verify
return code: 0 (ok)</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"> </span><o:p></o:p></p>
<p class="imprintuniqueid"><b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Marlon
Deerr</span></b>,
<b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Technology
Manager</span></b><br>
<span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">416-572-8795</span><span
style="color:#17365D"> </span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#17365D">(direct)</span><span
style="color:#17365D"> |</span> <span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><a
href="mailto:MDeerr@hshlawyers.com" title="Click to
send email to Marlon Deerr" moz-do-not-send="true">MDeerr@hshlawyers.com</a></span><br>
<a href="https://www.hshlawyers.com"
moz-do-not-send="true"><span
style="text-decoration:none"><img id="_x0000_i1035"
src="cid:part31.8E0031BD.C27EEBE9@Zend.To"
class="" width="624" height="82" border="0"></span></a>
<o:p></o:p></p>
<table class="MsoNormalTable"
style="width:80.82%;border-collapse:collapse"
width="80%" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:20.25pt">
<td style="width:86.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="115">
<p class="MsoNormal"><a
href="https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1036"
src="cid:part33.62DDC27E.C59D1892@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://twitter.com/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1037"
src="cid:part35.F24437E7.7BD891B6@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.facebook.com/HSHPersonalInjuryLawyers/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1038"
src="cid:part37.5D1D4EE7.66A2A0C7@Zend.To"
class="" width="24" height="23" border="0"></span></a> <a
href="https://www.youtube.com/user/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1039"
src="cid:part39.0264CA2B.FF746776@Zend.To"
class="" width="24" height="23" border="0"></span></a><o:p></o:p></p>
</td>
<td style="width:353.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="458">
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#002060">3500
- 20 Queen St. W., Toronto, ON M5H 3R3<br>
Fax: 416-361-0083 | Toll Free: 877-474-5997</span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif"> |
<a href="https://www.hshlawyers.com" title=""
moz-do-not-send="true">www.hshlawyers.com</a></span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid"> <o:p></o:p></p>
<table class="MsoNormalTable"
style="width:100.0%;border-collapse:collapse"
width="100%" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#3F3F3F">This
Howie Sacks & Henry e-mail is privileged,
confidential and subject to copyright. Any
unauthorized use or disclosure is prohibited.</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid" style="margin-bottom:12.0pt"><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Jules [<a
href="mailto:Jules@Zend.To" moz-do-not-send="true">mailto:Jules@Zend.To</a>]
<br>
<b>Sent:</b> Wednesday, July 15, 2020 12:35 PM<br>
<b>To:</b> Marlon Deerr <a
href="mailto:MDeerr@hshlawyers.com"
moz-do-not-send="true"><MDeerr@hshlawyers.com></a>;
ZendTo Users
<a href="mailto:zendto@zend.to"
moz-do-not-send="true"><zendto@zend.to></a><br>
<b>Subject:</b> Re: [ZendTo] Authentication Error -
The username or password was incorrect<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">Are you
actually seeing the < and > characters?<br>
You didn't actually type those into the
/opt/zendto/bin/adduser command, did you?<br>
<br>
Have a read of the AD troubleshooting steps on<br>
<tt><span style="font-size:10.0pt">
zend.to/activedirectory</span></tt><br>
<br>
Do you know if you're running with a locally-signed
certificate on your AD servers?<br>
<br>
Assuming you have the hostname and port number (636
usually) of your AD server, try<br>
<tt><b><span style="font-size:10.0pt">openssl s_client
-connect your-ad-server.company.com:636</span></b></tt><br>
<br>
That will show you the initial SSL/TLS handshake
involving all the certificates.<br>
You'll need to Ctrl-C it at the end, but what it prints
out should be very useful so you can see exactly what is
using which certs.<br>
<br>
Hope that helps,<br>
Jules.<o:p></o:p></p>
<div>
<p class="MsoNormal">On 15/07/2020 16:50, Marlon Deerr
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D">OK, my
user seems to be unlocked now but now I am getting
the following errors below. I must be missing
something else in my setup:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Warning:
admin authorization failed for <username1></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">And for
other users I still get the following error:</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Warning:
authorization failed for <username2></span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D">Note: I
believe I added <username1> as an admin.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"> </span><o:p></o:p></p>
<p class="imprintuniqueid"><b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Marlon
Deerr</span></b>,
<b><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">Technology
Manager</span></b><br>
<span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif;color:#17365D">416-572-8795</span><span
style="color:#17365D"> </span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#17365D">(direct)</span><span
style="color:#17365D"> |</span> <span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"><a
href="mailto:MDeerr@hshlawyers.com" title="Click
to send email to Marlon Deerr"
moz-do-not-send="true">MDeerr@hshlawyers.com</a></span><br>
<a href="https://www.hshlawyers.com"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1040"
src="cid:part31.8E0031BD.C27EEBE9@Zend.To"
class="" width="624" height="82" border="0"></span></a>
<o:p></o:p></p>
<table class="MsoNormalTable"
style="width:80.82%;border-collapse:collapse"
width="80%" cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr style="height:20.25pt">
<td style="width:86.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="115">
<p class="MsoNormal"><a
href="https://www.linkedin.com/company/howie-sacks-&-henry-llp---personal-injury-law/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1041"
src="cid:part33.62DDC27E.C59D1892@Zend.To"
class="" width="24" height="23"
border="0"></span></a> <a
href="https://twitter.com/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1042"
src="cid:part35.F24437E7.7BD891B6@Zend.To"
class="" width="24" height="23"
border="0"></span></a> <a
href="https://www.facebook.com/HSHPersonalInjuryLawyers/"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1043"
src="cid:part37.5D1D4EE7.66A2A0C7@Zend.To"
class="" width="24" height="23"
border="0"></span></a> <a
href="https://www.youtube.com/user/hshlawyers"
moz-do-not-send="true"><span
style="text-decoration:none"><img
id="_x0000_i1044"
src="cid:part39.0264CA2B.FF746776@Zend.To"
class="" width="24" height="23"
border="0"></span></a><o:p></o:p></p>
</td>
<td style="width:353.25pt;padding:0in 0in 0in
0in;height:20.25pt" width="458">
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:#002060">3500
- 20 Queen St. W., Toronto, ON M5H 3R3<br>
Fax: 416-361-0083 | Toll Free: 877-474-5997</span><span
style="font-size:10.0pt;font-family:"Helvetica",sans-serif"> |
<a href="https://www.hshlawyers.com"
title="" moz-do-not-send="true">www.hshlawyers.com</a></span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid"> <o:p></o:p></p>
<table class="MsoNormalTable"
style="width:100.0%;border-collapse:collapse"
width="100%" cellspacing="0" cellpadding="0"
border="0">
<tbody>
<tr>
<td style="padding:0in 0in 0in 0in">
<p class="MsoNormal"><span
style="font-size:7.5pt;font-family:"Helvetica",sans-serif;color:#3F3F3F">This
Howie Sacks & Henry e-mail is
privileged, confidential and subject to
copyright. Any unauthorized use or
disclosure is prohibited.</span><o:p></o:p></p>
</td>
</tr>
</tbody>
</table>
<p class="imprintuniqueid" style="margin-bottom:12.0pt"><span
style="font-size:9.0pt;font-family:"Helvetica",sans-serif"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b>From:</b> Jules [<a
href="mailto:Jules@Zend.To"
moz-do-not-send="true">mailto:Jules@Zend.To</a>]
<br>
<b>Sent:</b> Wednesday, July 15, 2020 7:09 AM<br>
<b>To:</b> ZendTo Users <a
href="mailto:zendto@zend.to"
moz-do-not-send="true"><zendto@zend.to></a><br>
<b>Cc:</b> Marlon Deerr <a
href="mailto:MDeerr@hshlawyers.com"
moz-do-not-send="true"><MDeerr@hshlawyers.com></a><br>
<b>Subject:</b> Re: [ZendTo] Authentication Error
- The username or password was incorrect<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">Marlon,<br>
<br>
The crucial bit in the log is the "locked-out user"
bit.<br>
<br>
ZendTo has a security feature in it to stop it being
used as a method of brute-force attacking your
accounts from outside.<br>
If the same user has several failed logins in a row,
that user is locked out for the next 24 hours by
default.<br>
<br>
If you can login as an admin user, one of the extra
admin red buttons shows you the locked out users and
lets you reset them.<br>
<br>
Alternatively, you can unlock all locked users from
the command line with<br>
/opt/zendto/bin/unlockuser -a<br>
<br>
Cheers,<br>
Jules.<o:p></o:p></p>
<div>
<p class="MsoNormal">On 14/07/2020 18:45, Marlon Deerr
via ZendTo wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span lang="EN-CA">Ok, so I think
I finally (or almost finally) got my AD
authentication settings correct. I have installed
the ldapsearch utility to confirm that I’m able to
successful search the OU where my users reside,
however when I attempt to log in with a valid
user, ZendTo keeps erroring with:</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">Authentication
Error</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">The username
or password was incorrect</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">I checked the
/var/log/zendto/zendto.log and it says the
following:</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">“….Warning:
authorization attempt for locked-out user
<username1></span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">Then when I
try logging in as another user, I see the
following in the log
</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">“…Warning:
authorization failed for <username2></span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA">I know that I
have both username/password correct so I must be
missing something. Anyone know what setting I may
have applied incorrectly?</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-CA"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times
New Roman",serif"><br>
<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>ZendTo mailing list<o:p></o:p></pre>
<pre><a href="mailto:ZendTo@zend.to" moz-do-not-send="true">ZendTo@zend.to</a><o:p></o:p></pre>
<pre><a href="http://jul.es/mailman/listinfo/zendto" moz-do-not-send="true">http://jul.es/mailman/listinfo/zendto</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>Jules<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Julian Field MEng CEng CITP MBCS MIEEE MACM<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>'When a man points a finger at someone else, he should remember<o:p></o:p></pre>
<pre> that four of his fingers are pointing at himself.' - Louis Nizer<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre><a href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a><o:p></o:p></pre>
<pre>Twitter: @JulesFM<o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>Jules<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Julian Field MEng CEng CITP MBCS MIEEE MACM<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>'There is silent poetry in the stillness of morning;<o:p></o:p></pre>
<pre> in the calm, the cries & sighs of life sound like gentle music.'<o:p></o:p></pre>
<pre> - @Astro_Wheels<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre><a href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a><o:p></o:p></pre>
<pre>Twitter: @JulesFM<o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>Jules<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Julian Field MEng CEng CITP MBCS MIEEE MACM<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>The current UK shipping forecast:<o:p></o:p></pre>
<pre>South Utsire, Forties: Southwesterly veering westerly 3 or 4. Mainly moderate.<o:p></o:p></pre>
<pre>Rain at first. Moderate or poor, becoming good.<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre><a href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a><o:p></o:p></pre>
<pre>Twitter: @JulesFM<o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New Roman
,serif",serif"><br>
<br>
<br>
</span><o:p></o:p></p>
<pre>Jules<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Julian Field MEng CEng CITP MBCS MIEEE MACM<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre>'Every morning when I wake,<o:p></o:p></pre>
<pre> Dear Lord, a little prayer I make,<o:p></o:p></pre>
<pre> O please do keep Thy lovely eye<o:p></o:p></pre>
<pre> On all poor creatures born to die<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre> And every evening at sun-down<o:p></o:p></pre>
<pre> I ask a blessing on the town,<o:p></o:p></pre>
<pre> For whether we last the night or no<o:p></o:p></pre>
<pre> I'm sure is always touch-and-go.<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre> We are not wholly bad or good<o:p></o:p></pre>
<pre> Who live our lives under Milk Wood,<o:p></o:p></pre>
<pre> And Thou, I know, wilt be the first<o:p></o:p></pre>
<pre> To see our best side, not our worst.<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre> O let us see another day!<o:p></o:p></pre>
<pre> Bless us all this night, I pray,<o:p></o:p></pre>
<pre> And to the sun we all will bow<o:p></o:p></pre>
<pre> And say, good-bye - but just for now!'<o:p></o:p></pre>
<pre> - Dylan Thomas<o:p></o:p></pre>
<pre> <o:p></o:p></pre>
<pre><a href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a><o:p></o:p></pre>
<pre>Twitter: @JulesFM<o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman",serif"><br>
<br>
<o:p></o:p></span></p>
<pre>Jules<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>-- <o:p></o:p></pre>
<pre>Julian Field MEng CEng CITP MBCS MIEEE MACM<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre>'All programs have a desire to be useful' - Tron, 1982<o:p></o:p></pre>
<pre><o:p> </o:p></pre>
<pre><a href="http://www.Zend.To" moz-do-not-send="true">www.Zend.To</a><o:p></o:p></pre>
<pre>Twitter: @JulesFM<o:p></o:p></pre>
</div>
</blockquote>
<br>
<pre class="moz-signature" cols="72">Jules
--
Julian Field MEng CEng CITP MBCS MIEEE MACM
'Intelligence is quickness to apprehend as distinct from ability,
which is capacity to act wisely on the thing apprehended.'
- Alfred North Whitehead
<a class="moz-txt-link-abbreviated" href="http://www.Zend.To">www.Zend.To</a>
Twitter: @JulesFM
</pre>
</body>
</html>