Solved

Server 2012 LDAP

Posted on 2013-11-30
7
1,788 Views
Last Modified: 2013-12-07
I cannot get any LDAP browser to Authenticate with AD on a Windows 2012 Standard Server. I am not using LDAPS yet. I am simply trying to get things running on port 389 then will install certificate.

When I try to access using an LDAP browser (Currently Using Apache Directory Studio on MAC) I can connect, but then I go to Authenticate, get the following:

The authentication failed
  [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 2030, v23f0]

I am currently on LAN subnet, accessing by IP only, firewall turned off on Server.

Any help or context would be greatly appreciated.
0
Comment
Question by:timrudy
  • 4
  • 3
7 Comments
 

Author Comment

by:timrudy
Comment Utility
0
 
LVL 14

Expert Comment

by:Ram Balachandran
Comment Utility
Credentials are correct ? DC is up and running ?
0
 
LVL 14

Expert Comment

by:Ram Balachandran
Comment Utility
Also ensure user name with domain name
Say : testuser@mydomain.com
0
Want to promote your upcoming event?

Attending an event? Speaking at a conference? Or exhibiting at a tradeshow? Easily inform your contacts by using a promotional banner in your email signature. This will ensure your organization’s most important contacts are in the know.

 
LVL 14

Expert Comment

by:Ram Balachandran
Comment Utility
Error code 2030 means that the DN of the user is invalid.

Please refer below link

http://stackoverflow.com/questions/3788841/authentication-using-ldap-against-adam-using-spring-security
0
 

Author Comment

by:timrudy
Comment Utility
I'm authenticating as DOMAIN\username

I tried with username@domain, username at domain.tld, username@domain.local

Get same error.
0
 

Accepted Solution

by:
timrudy earned 0 total points
Comment Utility
I never did get this to work with the LDS role on Exchange the way I described. It turns out I didn't need to. I simply pointed to the AD (DC) Controller on the same subnet instead, and viola, LDAP works - the way I expected. It wasn't clear to me that the reason that Microsoft recommends that you not run the LDAP role on a DC is that LDAP and LDAPS is already available on any DC without the LDS role being installed.
0
 

Author Closing Comment

by:timrudy
Comment Utility
Waste of time.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

The article will show you how you can maintain a simple logfile of all Startup and Shutdown events on Windows servers and desktops with PowerShell. The script can be easily adapted into doing more like gracefully silencing/updating your monitoring s…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now