Friday, December 15, 2006

JXplorer/LDAP with Active Directory

Just a quick note, since it took more than a little Googling to find this one.  Trying to connect up a JXplorer (an open source Java LDAP client) to our Active Directory server, and kept getting errors like these:

Error opening connection:
[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]

or

Error opening connection:
[LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece]

The second message means no connection could be made, and I get that when trying "Anonymous".  So I guess my server doesn't allow anonymous access. 

If you're seeing the first one on just trying to connect, you might be doing the same silly thing I was doing.  When Level is set to User + Pass, then in the User DN section you want the whole name of the person, not just the login/username.  So you want "John Smith" in there, not "jsmith".  Once I did that, it came up just fine.

(Remember also that "dc" means "domain component", so you just use as many of them as you have parts of your address:  dc=duanesbrain,dc=blogspot,dc=com.  It's not any sort of hierarchical thing.)

 

25 comments:

Anonymous said...

Thanks!! This helped.

Anonymous said...

Thanks a lot! Really helped us,

Anonymous said...

Great stuff - I was faced with both issues and this post solved them in one...

rob said...

AWESOME!!! I love you man!!

Anonymous said...

I was searching all over the world things you said!!!! Thanks a lot man!!!!

Anonymous said...

I spend all day and still couldn't figure out how to login. Thx. Oh by the way, I just need to put the full name only no cn= or dc= at all.

Anonymous said...

I've spent all day trying to figure this out - thanks so much for posting this :)

Anonymous said...

Great one! I spent hours here and I would never come to the solution.

abhinav goel said...

thanks. it helped me :)

Anonymous said...

Thanks Duane's Brain! Even this many years later it solved my problem.

Anonymous said...

thank you !!!!!!!! Was pulling out my hair trying to figure it out.

amar said...

Awesome man. You saved my day

Anonymous said...

Still pertinent :-)

Thanks.

Anonymous said...

thanks :)

Anonymous said...

Man!!! What can I say! You are awesome!!! Copy paste in google, then click on the first link... Your Blog and bingo!!!

Anonymous said...

This is what is the power of knowledge sharing...

Thanks alot for the info....

Rosh said...

Thanks u r solution worked... :)

ullasram said...

You made my day !!! Thanks a lot.

Giulio Roggero said...

Thanks, this works!

Anonymous said...

thx4all

Yogesh Bharate said...

nice.
Its works...

Neha Sodhi said...

THANKS HELPED ME OUT

abdelghani benseddiq said...

thnak you for information
I hope to see my site also supports this service
submit your web sites and get more traffic, Get a free listing at link Directory
Link Directory
LNavo

Andrés-Julián Cremades Monserrat said...

Thanks, it helped me a lot ;)

Anonymous said...

thank you so muche, you save me!!!