Ejabberd log LDAP bind failed. ejabberd, v7

Francenildo · October 7, 2019, 7:50pm

Hi all, everybody has anyone had this problem?

Ejabberd connects to AD, but give this error.
Already checked everything, uninstalled, reinstalled, already read you all the old community posts, already searched on google and nothing had no success.

[warning] <0.476.0>@eldap:report_bind_failure:993 LDAP bind failed on serv01.mg.local:389
Reason: strongAuthRequired

signal-event nethserver-ejabberd-save

tail -f /var/log/ejabberd/ejabberd.log

2019-10-07 16:45:11.088 [info] <0.33.0> Application lager started on node ejabberd@localhost
2019-10-07 16:45:11.093 [info] <0.33.0> Application crypto started on node ejabberd@localhost
2019-10-07 16:45:11.097 [info] <0.33.0> Application sasl started on node ejabberd@localhost
2019-10-07 16:45:11.102 [info] <0.33.0> Application asn1 started on node ejabberd@localhost
2019-10-07 16:45:11.102 [info] <0.33.0> Application public_key started on node ejabberd@localhost
2019-10-07 16:45:11.109 [info] <0.33.0> Application ssl started on node ejabberd@localhost
2019-10-07 16:45:11.112 [info] <0.33.0> Application p1_utils started on node ejabberd@localhost
2019-10-07 16:45:11.118 [info] <0.33.0> Application fast_yaml started on node ejabberd@localhost
2019-10-07 16:45:11.127 [info] <0.33.0> Application fast_tls started on node ejabberd@localhost
2019-10-07 16:45:11.135 [info] <0.33.0> Application fast_xml started on node ejabberd@localhost
2019-10-07 16:45:11.138 [info] <0.33.0> Application stringprep started on node ejabberd@localhost
2019-10-07 16:45:11.147 [info] <0.33.0> Application xmpp started on node ejabberd@localhost
2019-10-07 16:45:11.155 [info] <0.33.0> Application cache_tab started on node ejabberd@localhost
2019-10-07 16:45:11.165 [info] <0.33.0> Application eimp started on node ejabberd@localhost
2019-10-07 16:45:11.189 [info] <0.33.0> Application elixir started on node ejabberd@localhost
2019-10-07 16:45:11.202 [info] <0.65.0>@ejabberd_config:start:68 Loading configuration from /etc/ejabberd/ejabberd.yml
2019-10-07 16:45:11.940 [info] <0.33.0> Application mnesia started on node ejabberd@localhost
2019-10-07 16:45:12.036 [warning] <0.348.0>@ejabberd_pkix:check_ca:688 CA directory /etc/ssl/certs doesn’t contain hashed certificate files; configuring ‘ca_path’ or ‘ca_file’ options might help
2019-10-07 16:45:12.087 [warning] <0.348.0>@ejabberd_pkix:validate:615 Failed to validate certificate from /etc/ejabberd/ejabberd.pem: self-signed certificate
2019-10-07 16:45:12.154 [warning] <0.348.0>@ejabberd_pkix:handle_call:259 No certificate found matching ‘mg.local’: strictly configured clients or servers will reject connections with this host; obtain a certificate for this (sub)domain from any trusted CA such as Let’s Encrypt (www.letsencrypt.org)
2019-10-07 16:45:12.186 [info] <0.33.0> Application inets started on node ejabberd@localhost
2019-10-07 16:45:12.188 [info] <0.327.0>@gen_mod:start_modules:130 Loading modules for mg.local
2019-10-07 16:45:12.188 [warning] <0.327.0>@gen_mod:sort_modules:155 Module ‘mod_mam’ is recommended for module ‘mod_muc’ but is not found in the config
2019-10-07 16:45:12.197 [warning] <0.348.0>@ejabberd_pkix:handle_call:259 No certificate found matching ‘conference.mg.local’: strictly configured clients or servers will reject connections with this host; obtain a certificate for this (sub)domain from any trusted CA such as Let’s Encrypt (www.letsencrypt.org)
2019-10-07 16:45:12.225 [warning] <0.348.0>@ejabberd_pkix:handle_call:259 No certificate found matching ‘pubsub.mg.local’: strictly configured clients or servers will reject connections with this host; obtain a certificate for this (sub)domain from any trusted CA such as Let’s Encrypt (www.letsencrypt.org)
2019-10-07 16:45:12.304 [warning] <0.450.0>@eldap:report_bind_failure:993 LDAP bind failed on serv01.mg.local:389
Reason: strongAuthRequired
2019-10-07 16:45:12.334 [info] <0.33.0> Application os_mon started on node ejabberd@localhost
2019-10-07 16:45:12.334 [info] <0.65.0>@ejabberd_cluster_mnesia:wait_for_sync:123 Waiting for Mnesia synchronization to complete
2019-10-07 16:45:12.334 [info] <0.65.0>@ejabberd_app:start:59 ejabberd 18.06 is started in the node ejabberd@localhost in 1.42s
2019-10-07 16:45:12.336 [info] <0.33.0> Application ejabberd started on node ejabberd@localhost
2019-10-07 16:45:12.336 [info] <0.358.0>@ejabberd_listener:init_tcp:139 Start accepting TCP connections at 0.0.0.0:5280 for ejabberd_http
2019-10-07 16:45:12.336 [info] <0.355.0>@ejabberd_listener:init_tcp:139 Start accepting TCP connections at 0.0.0.0:5222 for ejabberd_c2s
2019-10-07 16:45:12.336 [info] <0.357.0>@ejabberd_listener:init_tcp:139 Start accepting TCP connections at 0.0.0.0:5269 for ejabberd_s2s_in
2019-10-07 16:45:12.336 [info] <0.356.0>@ejabberd_listener:init_tcp:139 Start accepting TCP connections at 0.0.0.0:5223 for ejabberd_c2s
2019-10-07 16:45:17.324 [warning] <0.450.0>@eldap:report_bind_failure:993 LDAP bind failed on serv01.mg.local:389
Reason: strongAuthRequired

mrmarkuz · October 8, 2019, 4:00pm

I think you need a letsencrypt cert with the subdomains pubsub and conference:

http://docs.nethserver.org/en/v7/chat.html#client

You may also try to change connection to AD to use port 636 with SSL in account provider settings.

Last resort may be to disable the strong auth but it’s bad for security:

Francenildo · October 9, 2019, 1:08pm

Without repair, I will do a new installation.
99.999% of Nethserver problems are caused by updates.