  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1989

Server 2012 LDAP

I cannot get any LDAP browser to authenticate with AD on a Windows 2012 Standard Server. I am not using LDAPS yet. I am simply trying to get things running on port 389, then will install a certificate.

When I try to access using an LDAP browser (currently using Apache Directory Studio on Mac) I can connect, but when I go to authenticate, I get the following:

The authentication failed
  [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 2030, v23f0]

I am currently on the LAN subnet, accessing by IP only, with the firewall turned off on the server.

Any help or context would be greatly appreciated.
Asked by: timrudy

1 Solution

Ram Balachandran Commented:
Are the credentials correct? Is the DC up and running?
 
Ram Balachandran Commented:
Also ensure the user name includes the domain name,
say: testuser@mydomain.com
 
Ram Balachandran Commented:
Error code 2030 means that the DN of the user is invalid.

Please refer to the link below:

http://stackoverflow.com/questions/3788841/authentication-using-ldap-against-adam-using-spring-security
 
timrudy (Author) Commented:
I'm authenticating as DOMAIN\username

I tried with username@domain, username at domain.tld, username@domain.local

I get the same error.
 
timrudy (Author) Commented:
I never did get this to work with the LDS role on Exchange the way I described. It turns out I didn't need to. I simply pointed to the AD (DC) Controller on the same subnet instead, and voilà, LDAP works the way I expected. It wasn't clear to me that the reason Microsoft recommends that you not run the LDAP role on a DC is that LDAP and LDAPS are already available on any DC without the LDS role being installed.
 
timrudy (Author) Commented:
Waste of time.