>>> I'm trying out LSC (2.0.4) and I'm having problems >>> connecting to my >>> Active Directory (Windows 2008 R2) >>> >>> I get the following message when trying to connect: >>> >>> ERROR - Error opening the LDAP connection to the >>> destination! >>> (javax.naming.AuthenticationException: [LDAP: error code >>> 49 - Invalid >>> Credentials]) >>> >>> I know the username password is correct. I can connect >>> to AD via >>> ldapsearch and Apache Directory Studio with no problems. >>> If I change the >>> username or password to something incorrect, I get this >>> message instead: >>> >>> ERROR - Error opening the LDAP connection to the >>> destination! >>> (javax.naming.AuthenticationException: [LDAP: error code >>> 49 - 80090308: >>> LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext >>> error, data 52e, >>> v1db1]) >>> >>> I've tried different passwords, and both DN and UPN >>> usernames. >>> >>> My lsc.xml contains the following AD ldap connection: >>> >>> <ldapConnection> >>> <name>asdf-ad</name> >>> <url>ldap://ip/DC=asdf,DC=local</url> >>> <username>[email protected] >>> <mailto:[email protected]></username> >>> <password>password</password> >>> <authentication>SIMPLE</authentication> >>> <referral>IGNORE</referral> >>> <derefAliases>NEVER</derefAliases> >>> <version>VERSION_3</version> >>> <pageSize>1000</pageSize> >>> <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> >>> <tlsActivated>false</tlsActivated> >>> </ldapConnection> >>> >>> Am I missing something? >>> >>> >>> >>> UPN is not really supported, try to use the DN form in >>> <username></username> >>> >>> Clément. >> >> As I wrote in the message, I tried the DN as well, with the >> same negative result. >> >> >> >> Please answer to the list. >> >> >> If you can log in with DN and password in ldapsearch, you should >> be able to do it with LSC. Do you have special characters in >> password? Maybe you should check if they fit in an XML markup. >> >> Clément. > Sorry, I was a little fast on the send button. > > lsc.xml > > > <ldapConnection> > <name>asdf-ad</name> > <url>ldap://ip/DC=asdf,DC=local</url> > <username>CN=SyncUser,CN=Users,DC=asdf,DC=local</username> > > <password>password</password> > <authentication>SIMPLE</authentication> > <referral>IGNORE</referral> > <derefAliases>NEVER</derefAliases> > <version>VERSION_3</version> > <pageSize>1000</pageSize> > <factory>com.sun.jndi.ldap.LdapCtxFactory</factory> > <tlsActivated>false</tlsActivated> > </ldapConnection> > </connections> > > Mar 12 15:58:14 - INFO - Connecting to LDAP server > ldap://ip/DC=asdf,DC=local as CN=SyncUser,CN=Users,DC=asdf,DC=local > Mar 12 15:58:15 - ERROR - Error opening the LDAP connection to the > destination! (javax.naming.AuthenticationException: [LDAP: error > code 49 - Invalid Credentials]) > > My password is really simple, consisting of only letters (a-z) and > numbers. How do I see what characters are supported? > > > See > https://en.wikipedia.org/wiki/List_of_XML_and_HTML_character_entity_references > > But letters and numbers should not be a problem. > > Can you paste the working ldapsearch command? > > > Clément.
This command works fine: ldapsearch -x -D "CN=SyncUser,CN=Users,DC=asdf,DC=local" -w PASSWORD -h IP -b "DC=asdf,DC=local" I can also connect via Apache Directory Studio, which also uses Java.
_______________________________________________________________ Ldap Synchronization Connector (LSC) - http://lsc-project.org lsc-users mailing list [email protected] http://lists.lsc-project.org/listinfo/lsc-users
