Ldap Autentication

Posted on 2006-05-23
Last Modified: 2012-08-13
I´m trying to authenticate in a domain using java and ldap.

  public boolean connect( String username, String password )
    throws Exception {
    try  {
        Hashtable env = new Hashtable();
        env.put(Context.PROVIDER_URL, url);
        env.put(Context.SECURITY_CREDENTIALS, password);
        env.put(Context.SECURITY_PRINCIPAL, username + "@" + domain);
        dirContext = new;    
        return true;
    } catch ( NamingException e )  {
        System.out.println("error: " + e.getMessage());
          return false;
    } catch ( Exception e )  {
        throw new Exception ("ERROR-LDAP: Error autenticando " + username +"/"
        + password + " " + e.getMessage(), e);

where url:
url = "ldap://" + host + ":" + port + "/";

When I execute the code I get this error:

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 531, v893 ]

I know that this error is because the user cant logon in all domain computers.
I cant change this property and I want to know if there is a solution for this problem and how can I fix it.
Question by:olgavillamizar
    LVL 3

    Accepted Solution

    Best I can do is give you some details on your error:

    80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 531, v893
    HEX: 0x531 - not permitted to logon from this workstation
    DEC: 1329 - ERROR_INVALID_WORKSTATION (Logon failure: user not allowed to log on to this computer.)
    LDAP[userWorkstations: <multivalued list of workstation names>]
    NOTE: Returns only when presented with valid username and password/credential.

    Basically what this says to me is that the user is not allowed to logon from that particular workstation. Is the user able to logon interactively?
    LVL 1

    Author Comment

    Hi Krule!
    No the user has able to logon in few or in one workstation only.
    When the user has the property to logon in all computers the error doesnt appear, but how to solve this without give to the user this property..(all computers)
    LVL 3

    Expert Comment

    This is more of a LDAP question than it is JSP related, and as I am not an LDAP master, I cannot answer (sorry).

    I can tell you with my limited LDAP knowledge that by the principle is that a user cannot access a machine that he cannot access (seems fairly obvious :p). So, either you give him access (limited) to do a programatic logon on that machine, or you don't, and it doesn't work.

    That being said, there may be a way to get around this, you would have to ask in the LDAP forum however.

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Suggested Solutions

    Many companies are looking to get out of the datacenter business and to services like Microsoft Azure to provide Infrastructure as a Service (IaaS) solutions for legacy client server workloads, rather than continuing to make capital investments in h…
    There are many benefits to finding online courses that align with your personal or career goals. Read more about our reasons for continuing your education in technology.
    Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
    In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now