Improve company productivity with a Business Account.Sign Up

x
?
Solved

Server 2012 LDAP

Posted on 2013-11-30
7
Medium Priority
?
2,006 Views
Last Modified: 2013-12-07
I cannot get any LDAP browser to Authenticate with AD on a Windows 2012 Standard Server. I am not using LDAPS yet. I am simply trying to get things running on port 389 then will install certificate.

When I try to access using an LDAP browser (Currently Using Apache Directory Studio on MAC) I can connect, but then I go to Authenticate, get the following:

The authentication failed
  [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 2030, v23f0]

I am currently on LAN subnet, accessing by IP only, firewall turned off on Server.

Any help or context would be greatly appreciated.
0
Comment
Question by:timrudy
  • 4
  • 3
7 Comments
 

Author Comment

by:timrudy
ID: 39687210
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687215
Credentials are correct ? DC is up and running ?
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687217
Also ensure user name with domain name
Say : testuser@mydomain.com
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687222
Error code 2030 means that the DN of the user is invalid.

Please refer below link

http://stackoverflow.com/questions/3788841/authentication-using-ldap-against-adam-using-spring-security
0
 

Author Comment

by:timrudy
ID: 39687224
I'm authenticating as DOMAIN\username

I tried with username@domain, username at domain.tld, username@domain.local

Get same error.
0
 

Accepted Solution

by:
timrudy earned 0 total points
ID: 39689707
I never did get this to work with the LDS role on Exchange the way I described. It turns out I didn't need to. I simply pointed to the AD (DC) Controller on the same subnet instead, and viola, LDAP works - the way I expected. It wasn't clear to me that the reason that Microsoft recommends that you not run the LDAP role on a DC is that LDAP and LDAPS is already available on any DC without the LDS role being installed.
0
 

Author Closing Comment

by:timrudy
ID: 39702860
Waste of time.
0

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
In this article, we will discuss how you can secure Active Directory using free tools, and how you can choose a safe and secure Active Directory security auditing tool.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…

606 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question