Solved

Server 2012 LDAP

Posted on 2013-11-30
7
1,855 Views
Last Modified: 2013-12-07
I cannot get any LDAP browser to Authenticate with AD on a Windows 2012 Standard Server. I am not using LDAPS yet. I am simply trying to get things running on port 389 then will install certificate.

When I try to access using an LDAP browser (Currently Using Apache Directory Studio on MAC) I can connect, but then I go to Authenticate, get the following:

The authentication failed
  [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 2030, v23f0]

I am currently on LAN subnet, accessing by IP only, firewall turned off on Server.

Any help or context would be greatly appreciated.
0
Comment
Question by:timrudy
  • 4
  • 3
7 Comments
 

Author Comment

by:timrudy
ID: 39687210
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687215
Credentials are correct ? DC is up and running ?
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687217
Also ensure user name with domain name
Say : testuser@mydomain.com
0
Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687222
Error code 2030 means that the DN of the user is invalid.

Please refer below link

http://stackoverflow.com/questions/3788841/authentication-using-ldap-against-adam-using-spring-security
0
 

Author Comment

by:timrudy
ID: 39687224
I'm authenticating as DOMAIN\username

I tried with username@domain, username at domain.tld, username@domain.local

Get same error.
0
 

Accepted Solution

by:
timrudy earned 0 total points
ID: 39689707
I never did get this to work with the LDS role on Exchange the way I described. It turns out I didn't need to. I simply pointed to the AD (DC) Controller on the same subnet instead, and viola, LDAP works - the way I expected. It wasn't clear to me that the reason that Microsoft recommends that you not run the LDAP role on a DC is that LDAP and LDAPS is already available on any DC without the LDS role being installed.
0
 

Author Closing Comment

by:timrudy
ID: 39702860
Waste of time.
0

Featured Post

Free eBook: Backup on AWS

Everything you need to know about backup and disaster recovery with AWS, for FREE!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I don't know if many of you have made the great mistake of using the Cisco Thin Client model with the management software VXC. If you have then you are probably more then familiar with the incredibly clunky interface, the numerous work arounds, and …
Know what services you can and cannot, should and should not combine on your server.
In this Micro Tutorial viewers will learn how to use Boot Corrector from Paragon Rescue Kit Free to identify and fix the boot problems of Windows 7/8/2012R2 etc. As an example is used Windows 2012R2 which lost its active partition flag (often happen…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

680 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question