How to specify LDAP user name for connecting to Active Directory?

Question

I'm trying to integrate my program with LDAP. I have an Active Directory server here, which apparently speaks LDAP. I want to see what's on the server before I go off trying to debug my own code. I found a program called jxplorer which claims to be able to talk to LDAP servers.

However, I can't seem to make it work. I'm using settings:

Host: (IP address of my AD server)
Port: 389
Protocol: LDAPv3
Base DN: OU=MyCompany,DC=domaincontroller,DC=local (a string I got from somebody else at my company who's written some LDAP code here before)
Level: User+Password
User DN, Password: (my user name and password on this Exchange server)

The error I'm getting is:

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID=0C090334, comment: AcceptSecurityContext error, data 525, vece ]

The other LDAP dude here says 525 is "user not found", and hypothesizes that perhaps the user name needs to be specified in "LDAP nomenclature".

Does anyone know how to connect to AD with jxplorer?

If you get other error codes (525, 52e...), a list of correspondencies between code and "real error" is available here: www-01.ibm.com/support/docview.wss?uid=swg21290631 — Maxime Pacary, Commented Sep 10, 2012 at 9:56

grawity_u1686 · Accepted Answer · 2011-02-25 13:06:51Z

7

Figured out the way: it's not your user log-in. It's an LDAP DN like:

CN=My Name,OU=My Company,DC=server,DC=local

edited Feb 25, 2011 at 13:06

grawity_u1686

465k66 gold badges977 silver badges1.1k bronze badges

answered Feb 25, 2011 at 1:53

Ken

2,9198 gold badges26 silver badges28 bronze badges

2

Be aware that your login name in AD is sAMAccountName usually. So ken. Whereas your CN depends on how the person creating you typed in the display name at create time. That might be Ken Smith or Smith, Ken or Ken J. Smith or actually anything they like. (Also recall that periods and commas need to be escaped with a backslash, so it might Smith\, Ken J\. as the value.
– geoffc
Commented Feb 28, 2011 at 18:10

Add a comment |

Sajith P · Accepted Answer · 2013-04-04 07:28:33Z

Pass the LDAP user id and password directly hard coded.

example:

     Hashtable env = new Hashtable();         
     env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.SECURITY_AUTHENTICATION,"simple");
env.put(Context.REFERRAL, "follow");
env.put(Context.SECURITY_PRINCIPAL,"adminuserid");
env.put(Context.SECURITY_CREDENTIALS,"adminPassword");
env.put(Context.PROVIDER_URL,"ldapUrllink");
DirContext ctx = new InitialDirContext(env);

This should work.

thanks Sajith

Stack Exchange Network

How to specify LDAP user name for connecting to Active Directory?

2 Answers 2

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
active-directory
ldap
.

Hot Network Questions

How to specify LDAP user name for connecting to Active Directory?

2 Answers 2

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged active-directoryldap.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
active-directory
ldap
.