Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Core >> Core APIs

Active Directory, Win2003, LDAP Error 49 and password complexity issue

My setup:

Windows 2003 Standard, default setting (this means "password complexity requirements enabled for users account") configured as Domanin controller.

Sample code:

import java.util.Hashtable;

import javax.naming.Context;

import javax.naming.NamingException;

import javax.naming.directory.Attributes;

import javax.naming.directory.DirContext;

import javax.naming.directory.InitialDirContext;

public class ldap {

public static void main(String[] args) {

Hashtable ldapEnv = new Hashtable();

String domain="win2003.local";

String dcList="DC=win2003,DC=local";

String port="389";

String urlDC="ldap://192.168.172.128:"+port+"/";

String UserName="user01@win2003.local";

String Password="testtest_1";

DirContext ctx=null;

String userADLocation="ou=LEVEL01, ou=MYUSERS, "+dcList;

ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");

ldapEnv.put(Context.SECURITY_AUTHENTICATION,"simple");

ldapEnv.put(Context.SECURITY_PRINCIPAL,UserName);

ldapEnv.put(Context.SECURITY_CREDENTIALS,Password);

ldapEnv.put(Context.PROVIDER_URL, urlDC);

try {

ctx = new InitialDirContext(ldapEnv);

} catch (NamingException e) {

e.printStackTrace();

}

try {

Attributes attrs = ctx.getAttributes("cn=user01 user01, "+userADLocation);

System.out.println(attrs);

} catch (NamingException e) {

e.printStackTrace();

}

}

}

Issue:

The password of user01 is set to "testtest_1" to meet the password complexity requirements (lenght>8, contains numbers and "special" characters ).

With this username/password i get "LDAP error 49" for invalid credential.

Read all the adler_steven's post and done many little change to the code, nothing changed... can't logon, always error 49.

Then i disabled the "password complexity" option on win2003, changed the password to "testtest" in AD and in the code above. LOGIN OK, ALL WORKED.

Changed again the password to "testtest_1" in AD & testcode.Error 49.

Can't find a post regarding a similar issue in this forum... has someone experienced something similar before?

Is this an AD charset issue? Maybe the password sended to AD must be formatted in some mysterious way...

[2392 byte] By [Mr.Winnfielda] at [2007-10-2 20:11:47]
«« Serialization
»» Compiling servlet program
# 1

I can only suggest that you check that your user name is valid. (although if it wasn't valid, you wouldn't be able to successfully bind when you changed the password & password complexity requirements)

Active Directory is Unicode, so different character sets should not be a problem.

Just for the hell of it, I tested the following in my environment and it works as expected.....

String userName = "ChDarwin@antipodes.com"

String passWord = "P@ssw0rd_123?;

....

Sorry that this isn't much help.

adler_stevena at 2007-7-13 22:52:22 > top of Java-index,Core,Core APIs...
# 2
Repeated your test and found the silly error... different keyboard mapping between the 2 machines...Thanks a lot for help and for your other great topics.
Mr.Winnfielda at 2007-7-13 22:52:22 > top of Java-index,Core,Core APIs...
Core APIs

Core New Topic

Core Hot Topic

Core

All Classified