SAML setup: zx path...
 
Notifications
Clear all

SAML setup: zx path API error

2 Posts
2 Users
0 Likes
900 Views
(@maxxer)
Joined: 12 years ago
Posts: 30
Topic starter  

Hi.

I'm trying to setup SAML following this guide. I patched and restarted nginx but I still only get

zx path API error

when trying to access /zx/auth/samlMetadata?domain=domain.it

Zextras 3.5.0, Zimbra 9 by Zextras.

I haven't found any error in mailbox.log.

What could it be?

thanks

 

P.S. I think this page is outdated and should be removed.


   
Quote
Fabio Knoll
(@fabio)
Joined: 3 years ago
Posts: 15
 

Hello @maxxer,

Thank you for contacting us and for the suggestion regarding the documentation, we are currently reviewing it and on the meantime please allow me to share a couple articles that I hope you may find them interesting:

 

Zextras Suite - Added Features to Auth: https://community.zextras.com/zextras-suite-3-1-11-added-features-to-zextras-auth/
Improve the security using Zextras 2FA: https://community.zextras.com/improve-the-security-using-zextras-2fa/

 

On our recent experience the most common motives for this issue would be missing parameters in the server configurations, specially `zimbraAuthMech` and `zimbraWebClientLoginURL` parameters. Domain settings can also affect this scenario and we can verify it through the output of this command:

 

* `for dom in $(zmprov gad); do zmprov gd $dom zimbraPublicServiceProtocol zimbraPublicServiceHostname zimbraPublicServicePort zimbraAuthMech zimbraWebClientLoginURL; done`

 

Bellow is an command example that can be used to change the parameters mentioned:

 

* `zmprov md DOMAIN.TDL zimbraPublicServiceProtocol PROTOCOL zimbraPublicServiceHostname HOSTNAME zimbraPublicServicePort PORT zimbraAuthMech AUTHMECHTYPE zimbraWebClientLoginURL CLIENTLOGINPAGE`

 

Please remember to substitute the values according to your needs (e.g. `zmprov md example.com zimbraPublicServiceProtocol https zimbraPublicServiceHostname mail.example.com zimbraPublicServicePort 443 zimbraAuthMech custom:zx zimbraWebClientLoginURL /zx/login/page/`)

 

Hope that you will find this information helpful, please let us know if we can assist you further.


   
ReplyQuote