Hello,
OK, here is the log when AD authentication was successful.
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: jay, Base DN: OU=“Blah1”,DC=“Blah2”,DC=“Blah3”,DC=“Blah4”…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Creating a DirContext in LdapManager.getContext()…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Warning: Using unencrypted connection to LDAP service!
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Created hashtable with context values, attempting to create context…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: … context created successfully, returning.
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Starting LDAP search…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: … search finished
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: BlahBlah…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Warning: Using unencrypted connection to LDAP service!
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Created context values, attempting to create context…
2016.05.05 10:37:17 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: … context created successfully, returning.
2016.05.05 10:37:17 org.jivesoftware.util.cert.SANCertificateIdentityMapping - Parsing otherName for subject alternative names: x.x.x.x.x.x
2016.05.05 10:37:17 org.jivesoftware.util.cert.SANCertificateIdentityMapping - … processing DERTaggedObject: [0][0]MyADServer
2016.05.05 10:37:17 org.jivesoftware.util.CertificateManager - CertificateManager: Subject Alternative Name Mapping returned [MyADServer]
…
…
Here is the log when AD authentication was unsuccessful for whatever reason.
2016.05.05 10:44:32 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: jay, Base DN: OU=“Blah1”,DC=“Blah2”,DC=“Blah3”,DC=“Blah4”…
2016.05.05 10:44:32 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Creating a DirContext in LdapManager.getContext()…
2016.05.05 10:44:32 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Warning: Using unencrypted connection to LDAP service!
2016.05.05 10:44:32 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Created hashtable with context values, attempting to create context…
2016.05.05 10:44:53 org.jivesoftware.openfire.ldap.LdapManager - LdapManager: Exception thrown when searching for userDN based on username ‘jay’
javax.naming.CommunicationException: MyADServer:389 [Root exception is java.net.ConnectException: Connection timed out: connect]
at com.sun.jndi.ldap.Connection.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapClient.getInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.ldap.InitialLdapContext.<init>(Unknown Source)
at org.jivesoftware.util.JiveInitialLdapContext.<init>(JiveInitialLdapContext.java:43)
at org.jivesoftware.openfire.ldap.LdapManager.getContext(LdapManager.java:568)
Today, I noticed that my AD login was successful about 25 times, and then I saw this connection failing…
Well, again, since it happens randomly, it is kind of hard to reproduce, but this is the log I got, as you requested.
Based on this log, it looks like the LdapManager context is failing when requested at some point…
BTW, once I see this connection issue, then… after a while, I am able to log in without any issue again…
Thanks,
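
A log-analysis example for the two excerpts above, added here and not part of the original post or of Openfire: it groups LdapManager debug lines into lookup attempts and reports, per attempt, how long context creation stalled, whether the failure was a connect timeout, and how many unencrypted-LDAP warnings were logged. The function name `analyze`, the record fields and the sample lines are constructed for illustration.

```python
import re
from datetime import datetime

LINE = re.compile(r"^(\d{4}\.\d\d\.\d\d \d\d:\d\d:\d\d) \S+ - (.*)$")  # "<date> <time> <logger> - <message>"
P = "org.jivesoftware.openfire.ldap.LdapManager - LdapManager: "
SAMPLE = [  # constructed sample, shortened from the two excerpts in the post
    "2016.05.05 10:37:17 " + P + "Trying to find a user's DN based on their username.",
    "2016.05.05 10:37:17 " + P + "Warning: Using unencrypted connection to LDAP service!",
    "2016.05.05 10:37:17 " + P + "Created hashtable with context values, attempting to create context...",
    "2016.05.05 10:37:17 " + P + "... context created successfully, returning.",
    "2016.05.05 10:37:17 " + P + "Warning: Using unencrypted connection to LDAP service!",
    "2016.05.05 10:37:17 " + P + "Created context values, attempting to create context...",
    "2016.05.05 10:37:17 " + P + "... context created successfully, returning.",
    "2016.05.05 10:44:32 " + P + "Trying to find a user's DN based on their username.",
    "2016.05.05 10:44:32 " + P + "Warning: Using unencrypted connection to LDAP service!",
    "2016.05.05 10:44:32 " + P + "Created hashtable with context values, attempting to create context...",
    "2016.05.05 10:44:53 " + P + "Exception thrown when searching for userDN based on username 'jay'",
    "javax.naming.CommunicationException: MyADServer:389 [Root exception is java.net.ConnectException: Connection timed out: connect]",
]

def analyze(lines):
    """One record per DN lookup: outcome, longest wait on context creation, plaintext warnings."""
    attempts, cur, pending = [], None, None
    for raw in lines:
        m = LINE.match(raw)
        if not m:  # exception text and stack frames carry no timestamp
            if cur and "Connection timed out" in raw:
                cur["cause"] = "connect timeout"
            continue
        ts, msg = datetime.strptime(m.group(1), "%Y.%m.%d %H:%M:%S"), m.group(2)
        if "Trying to find a user" in msg:  # a new lookup begins
            cur = {"start": m.group(1), "outcome": "incomplete", "stall_s": 0, "plaintext": 0, "cause": None}
            attempts.append(cur)
            pending = None
        elif cur is None:
            continue
        elif "Using unencrypted connection" in msg:  # bind goes over cleartext LDAP
            cur["plaintext"] += 1
        elif "attempting to create context" in msg:
            pending = ts  # connection attempt to the directory starts here
        elif "context created successfully" in msg or "Exception thrown" in msg:
            if pending is not None:  # seconds spent waiting on the directory server
                cur["stall_s"] = max(cur["stall_s"], int((ts - pending).total_seconds()))
                pending = None
            cur["outcome"] = "failed" if "Exception thrown" in msg else "ok"
    return attempts

if __name__ == "__main__":
    print(*analyze(SAMPLE), sep="\n")
```

A non-zero `stall_s` with cause `connect timeout` points at reachability of the directory server rather than rejected credentials, and a non-zero `plaintext` count means the bind for that attempt crossed the network unencrypted.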