A hard question since no one replied for the whole day...

Here is a command line which successfully accesses the Active Directory server:

```
> ldapsearch -x -h 123.45.67.89 -D "Administrator@joe.com" -W -b "cn=users,dc=joedoe,dc=com" "objectClass=user"
Enter LDAP Password: *********
# extended LDIF
#
# LDAPv3
<...>
```

Here is my Java code in which I intend to do the same:

```java
Hashtable<String, String> ldapEnv = new Hashtable<String, String>(11);
ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
ldapEnv.put(Context.PROVIDER_URL, "ldap://123.45.67.89");
ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
ldapEnv.put(Context.SECURITY_PRINCIPAL, "cn=users,dc=joe,dc=com");
ldapEnv.put(Context.SECURITY_CREDENTIALS, "********");
DirContext ldapContext = new InitialDirContext(ldapEnv);
```

I keep getting this exception:

```
Search error: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580 ]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v2580 ]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3136)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
    at javax.naming.InitialContext.init(InitialContext.java:244)
    at javax.naming.InitialContext.<init>(InitialContext.java:216)
    at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:101)
    at CODEABOVE.main(CODEABOVE.java:25)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)
```

What am I doing wrong?

  • Is your Active Directory configured properly? I see that error code 49 means that the user exists but you have an invalid password/user credential. – scarecrow- Nov 02 '16 at 18:30
  • For ldapsearch you are using `Administrator@joe.com` as security principal. Why do you try to use `cn=users,dc=joe,dc=com` as security principal from the java process? – Thomas Kläger Nov 03 '16 at 18:11

0 Answers
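Added example, not part of the original question or its comments: a JNDI helper that decodes the `data` sub-code of an Active Directory error-49 reply and performs the simple bind with a user identity, such as the UPN given to `ldapsearch -D`, as the bind name. The class and method names are hypothetical, the sub-code table is the commonly documented mapping to Win32 logon error codes, and Java 9+ is assumed for `Map.of`.

```java
import java.util.*;
import java.util.regex.*;
import javax.naming.*;
import javax.naming.directory.*;

// Added example (not from the original post); names are hypothetical. Assumes Java 9+.
public class AdBindDiagnostics {
    // "data NNN" in an AD error-49 reply is a Win32 logon error code in hex.
    private static final Map<String, String> SUB_CODES = Map.of(
        "525", "no such user",
        "52e", "logon failure: user name or password is incorrect",
        "530", "logon not permitted at this time",
        "531", "logon not permitted from this workstation",
        "532", "password expired",
        "533", "account disabled",
        "701", "account expired",
        "773", "password must be changed before logon",
        "775", "account locked out");
    private static final Pattern DATA = Pattern.compile("error code 49\\b.*?\\bdata ([0-9a-fA-F]+)");

    /** Readable reason for an AD error-49 message, or null if it is not one. */
    static String explain(String message) {
        if (message == null) return null;
        Matcher m = DATA.matcher(message);
        if (!m.find()) return null;
        String code = m.group(1).toLowerCase();
        return "data " + code + ": " + SUB_CODES.getOrDefault(code, "unrecognised sub-code");
    }

    /** Simple bind as a user identity (e.g. the UPN passed to ldapsearch -D). */
    static DirContext bind(String url, String principal, char[] password) throws NamingException {
        Hashtable<String, Object> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, url); // simple bind is unencrypted unless the URL is ldaps://
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, principal);
        env.put(Context.SECURITY_CREDENTIALS, password);
        try {
            return new InitialDirContext(env);
        } catch (AuthenticationException e) {
            AuthenticationException decoded = new AuthenticationException(explain(e.getMessage()));
            decoded.setRootCause(e); // keep the server's original text and stack trace
            throw decoded;
        }
    }

    public static void main(String[] args) {
        // Error text copied from the question's exception; no server is contacted.
        String msg = "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903C5, "
                   + "comment: AcceptSecurityContext error, data 52e, v2580 ]";
        System.out.println(explain(msg));
    }
}
```

Logging the decoded reason instead of the raw string makes it easy to tell a wrong bind name or password (`52e`) apart from a locked or disabled account (`775`, `533`) when triaging failed binds.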