authentication error:
Question:
Is the "SECURITY_PRINCIPAL" a normal user or is it an Active Directory Admin?
I am using the following line, where "doej" is a user's login in our Active Directory:
Context.SECURITY_PRINCIPAL, "cn=doej,ou=yyyy,dc=xxxx,dc=com");
Context.SECURITY_CREDENTIALS, "password");
I return the following error:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
It seems like it's connecting to our AD but is refusing it due to an authentication issue.
I know this user and password is valid because I can use it to login in to our network.
Any ideas?
[673 byte] By [
abacaxia] at [2007-11-26 17:39:34]
# 1
Have a read of the JNDI tutorial to understand what a Context.SECURITY_PRINCIPAL represents.
http://java.sun.com/products/jndi/tutorial/ldap/security/ldap.html
In your case, you probably don't have an object named named cn=doej,ou=yyyy,dc=xxxx,dc=com in your directory.
It is more than likely that you have a user named cn=john doe,ou=yyyy,dc=xxxx,dc=com that has a samAccountName attribute with the value of doej and a userPrincipalName attribute with a value of doej@xxxx.com
Using simple authentication to access Active Directory you can use a full distinguished name (eg. "cn=john doe,ou=yyyy,dc=xxxx,dc=com" ), a NT style domain name, aka samAccountName (eg. XXXX\doej) or the userPrincipalName (eg. doej@xxxx.com)
