Community
Application Development and Automation Discussions
Join the discussions or start your own on all things application development, including tools and APIs, programming models, and keeping your skills sharp.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Read only

LDAP: error code 49

Go to solution
Former Member

‎2007 Aug 07 4:06 PM

0 Likes
2,845

Hi,

I am testing a single sign-on with spnego configuration. When I run diagtool spnego.conf, I always get this error.

Error connecting to the LDAP server

[EXCEPTION]

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece�]

at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)

at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2735)

at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)

at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)

at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)

at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)

at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)

at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)

at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)

at javax.naming.InitialContext.init(InitialContext.java:219)

at javax.naming.InitialContext.<init>(InitialContext.java:195)

at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:80)

at com.sap.engine.config.diagtool.lib.ldap.LDAPServer.connect(LDAPServer.java:99)

at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.checkServiceUser(MSActiveDirectoryKrbTest.java:153)

at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.execute(MSActiveDirectoryKrbTest.java:127)

at com.sap.engine.config.diagtool.Task.execute(Task.java:55)

at com.sap.engine.config.diagtool.Launcher.run(Launcher.java:343)

at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)

at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)

at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)

at java.lang.reflect.Method.invoke(Method.java:324)

at com.sap.engine.config.diagtool.Launcher.main(Launcher.java:394)

Please help me to figure out what's wrong, and I would greatly appreciate that.

Regards,

-Napadol

1 ACCEPTED SOLUTION
Read only

Go to solution
Former Member

‎2007 Aug 08 4:14 PM

0 Likes
1,517

Hello Napadol,

Most likely your Domain Name, User Name or Password is wrongly configured. Check the following URL for more details that might help: http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_19576&sliceId=1

Best Regards, Dylan

8 REPLIES 8
Read only

Go to solution
Former Member

‎2007 Aug 08 4:14 PM

0 Likes
1,518

Hello Napadol,

Most likely your Domain Name, User Name or Password is wrongly configured. Check the following URL for more details that might help: http://kb.adobe.com/selfservice/viewContent.do?externalId=tn_19576&sliceId=1

Best Regards, Dylan

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 08 8:48 PM

0 Likes
1,517

Hi Dylan,

Thank you for your response.

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 09 2:12 PM

0 Likes
1,517

Hi Napadol,

Did you fix your problem as I have the exact same problem. Any help will be greatly appreciated.

Regards

Brian

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 09 2:30 PM

0 Likes
1,517

Hi Brian,

I haven't fixed my problem yet. Some people got this problem fixed by changing the KPN to the real FQDN, but it didn't work for me.

Regards,

-Napadol

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 10 3:13 PM

0 Likes
1,517

Napadol,

What version of Sun JDK are you using?

Regards

Brian

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 11 4:03 AM

0 Likes
1,517

Hi Brian,

My JDK version is 1.4.2_13. Did you fix the problem?

Regards,

-Napadol

Read only

Go to solution
Former Member

‎2007 Aug 10 5:29 PM

0 Likes
1,517

Hello,

You have implemented a trusted domain tree configured with a cross-referrals in order to forward the DNs to another LDAP within the domain. Most probably you login onto an LDAP server that forwards the search request (aka the logon request). As the LDAP connection is not configured against referrals, the authentication to LDAP fails.

for more details, see http://support.microsoft.com/kb/241737

This is a known issue on the DiagTool that the SAP NW Security Developers currently investigate.

Please use the WebDiagtool for root cause analysis. It provides the same functionality. If you'd like to collect the user data from the LDAP server (as the DiagTool does it automatically), please use ldifde command directly on the MS host.

Cheers,

Tsvetomir

Read only

Go to solution
Former Member
In response to Former Member

‎2007 Aug 11 4:12 AM

0 Likes
1,517

Hi Tsvetomir,

Thank you for the info. I will try it.

Regards,

-Napadol