Solved

Server 2012 LDAP

Posted on 2013-11-30
7
1,886 Views
Last Modified: 2013-12-07
I cannot get any LDAP browser to Authenticate with AD on a Windows 2012 Standard Server. I am not using LDAPS yet. I am simply trying to get things running on port 389 then will install certificate.

When I try to access using an LDAP browser (Currently Using Apache Directory Studio on MAC) I can connect, but then I go to Authenticate, get the following:

The authentication failed
  [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 2030, v23f0]

I am currently on LAN subnet, accessing by IP only, firewall turned off on Server.

Any help or context would be greatly appreciated.
0
Comment
Question by:timrudy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
7 Comments
 

Author Comment

by:timrudy
ID: 39687210
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687215
Credentials are correct ? DC is up and running ?
0
 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687217
Also ensure user name with domain name
Say : testuser@mydomain.com
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 14

Expert Comment

by:Ram Balachandran
ID: 39687222
Error code 2030 means that the DN of the user is invalid.

Please refer below link

http://stackoverflow.com/questions/3788841/authentication-using-ldap-against-adam-using-spring-security
0
 

Author Comment

by:timrudy
ID: 39687224
I'm authenticating as DOMAIN\username

I tried with username@domain, username at domain.tld, username@domain.local

Get same error.
0
 

Accepted Solution

by:
timrudy earned 0 total points
ID: 39689707
I never did get this to work with the LDS role on Exchange the way I described. It turns out I didn't need to. I simply pointed to the AD (DC) Controller on the same subnet instead, and viola, LDAP works - the way I expected. It wasn't clear to me that the reason that Microsoft recommends that you not run the LDAP role on a DC is that LDAP and LDAPS is already available on any DC without the LDS role being installed.
0
 

Author Closing Comment

by:timrudy
ID: 39702860
Waste of time.
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

My GPO's made for 2008 R2 servers were not allowing me to RDP into a new 2012 server by default.  That’s why I tried to allow RDP via Powershell, because I could log into a remote shell without further configuration. Below I will describe how I wen…
The following article is comprised of the pearls we have garnered deploying virtualization solutions since Virtual Server 2005 and subsequent 2008 RTM+ Hyper-V in standalone and clustered environments.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

634 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question