Javax.naming.AuthenticationException [LDAP: error code 49 - 80090308

i am getting a problem in connection.
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece
plz suggest

satish_dhn wrote:
plz suggesterr code 49 means problem with login credentials.
"525" (between "data" and "vece" ) means user not found.

Similar Messages

Javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Cre...

Sir/Madam,
i am working on Windows Platform and I am getting this error when i want ot configure the LDAP.
Please suggest
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3005)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2951)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2753)
     at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2667)
     at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:287)
     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
     at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
     at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
     at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
     at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
     at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
     at javax.naming.InitialContext.init(InitialContext.java:223)
     at javax.naming.InitialContext.<init>(InitialContext.java:197)
     at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)
     at TestClient.main(TestClient.java:33)
Thanks in advance.
Regards
Neelamadhab

javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]LDAP is rejecting your credentials (username / password). Make sure your credentials are coorectly given, otherwise get help from LDAP admin.
regards,
Sekar

LDAP Newbie:    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT)

Hi,
I am getting the following error when I try to do a search on an ldap (AD LDS) database:
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=AppPartFE,DC=com'
]; remaining name 'cn=Users,dc=AppPartFE,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at javax.naming.directory.InitialDirContext.search(Unknown Source)
at Test.<init>(Test.java:70)
at Test.main(Test.java:118)
I can bind successfully using either the userPrincipalName (UPN) or the Distinguished Name (DN), however my search is failing.
It is almost as if I am connected to the db tree at the wrong place. Do I need a different search scope?
I appreciate any assistance you can provide.
Here is my code:
import java.util.*;
import static java.lang.System.err;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class Test
public Test()
Properties prop = new Properties();
prop.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
prop.put("java.naming.provider.url", "ldap://MyHost.Mydomain.labs.CompanyX.com:50004");
String strProviderUrl = "ldap://MyHost.Mydomain.labs.CompanyX.com:50004";
// Can successfully bind with the userPrincipalName in AD LDS
//prop.put("java.naming.security.principal", "[email protected]");
// Can successfully bind with Distinguished Name
// Note: the string is case insensitive and embedded blank after a comma is not a problem
   prop.put("java.naming.security.principal", "cn=tst0001,cn=Users,dc=AppPartFE,dc=com");
prop.put("java.naming.security.credentials", "password");
try {
    LdapContext ctx = new InitialLdapContext(prop, null);
    System.out.println("Bind successful");
//I am successful to this point....
   //now try doing a search on another user
     String strFilter = "(&(objectClass=userProxy)(sAMAccountName=tst0001))";
    SearchControls searchControls = new SearchControls();
    searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); //works with object class=* to find top partition node
    NamingEnumeration<SearchResult> results = ctx.search("cn=Users,dc=AppPartFE,dc=com", strFilter, searchControls);
    SearchResult searchResult = null;
    if(results.hasMoreElements()) {
         searchResult = (SearchResult) results.nextElement();
        //make sure there is not another item available, there should be only 1 match
        if(results.hasMoreElements()) {
            System.err.println("Matched multiple users for the accountName");
catch (NamingException ex) {
    ex.printStackTrace();
public static void main(String[] args)
Test ldaptest = new Test();

Because you are specifiying a base distinguished name in your ldap url, the ldap context will be rooted at that context and all subsequent objects will be relative to that base distinguished name.//connect to my domain controller
String ldapURL = "ldaps://rhein:636/dc=bodensee,dc=de";andString userName = "CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de";results in an fully distinguished name of:CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de,dc=bodensee,dc=deEither specify your ldap url asString ldapURL = "ldaps://rhein:636";and leave your username as is, or specify the user object relative to the base distinguished name in the ldapurlString userName = "CN=verena bit,OU=Lehrer,OU=ASR";

Javax.naming.NameAlreadyBoundException [LDAP: error code 68

I am getting the below Error when I am trying to add the entry into the LPAD Server.
javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - Entry Already Exists]; remaining name 'ou=People,dc=company,dc=co,dc=in'
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
     at com.sun.jndi.ldap.LdapCtx.c_bind(Unknown Source)
     at com.sun.jndi.ldap.LdapCtx.c_bind(Unknown Source)
     at com.sun.jndi.toolkit.ctx.ComponentContext.p_bind(Unknown Source)
     at com.sun.jndi.toolkit.ctx.PartialCompositeContext.bind(Unknown Source)
     at com.sun.jndi.toolkit.ctx.PartialCompositeContext.bind(Unknown Source)
     at javax.naming.InitialContext.bind(Unknown Source)
     at com.test.CreateUser.main(CreateUser.java:54)
I am using the following sample program to test this.
public class CreateUser {
public static void main(String[] args) {
     java.util.Hashtable env = new java.util.Hashtable();
     env.put( javax.naming.Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory" );
     env.put( javax.naming.Context.PROVIDER_URL, "ldap://c-4966:62260");
     env.put( javax.naming.Context.SECURITY_AUTHENTICATION, "simple");
     env.put( javax.naming.Context.SECURITY_PRINCIPAL, "cn=Directory Manager");
     env.put( javax.naming.Context.SECURITY_CREDENTIALS, "test");
     String dn = "ou=People,dc=company,dc=co,dc=in";
     try {
     // create DirContext
     DirContext ctx = new InitialDirContext(env);
     // Attributes for new entry
     Attributes attrs = new BasicAttributes();
     Attribute attr = new BasicAttribute("objectclass");
     attr.add( 0, "top" );
     attr.add( 1, "person" );
     attr.add( 2, "organizationalPerson" );
     attr.add( 3, "inetorgperson" );
     attrs.put(attr);
     System.out.println("1...........");
     attrs.put("cn", "Sai Krishna");
     attrs.put("sn", "Potluri");
     attrs.put("givenName","Sia Potluri");
     attrs.put("uid","saipotluri");
     attrs.put("userPassword", "balaji");
     /*attr = new javax.naming.directory.BasicAttribute("mail");
     attr.add( 0, "[email protected]" );
     attr.add( 1, "[email protected]" );
     attrs.put( attr );
     attrs.put( "telephonenumber", "111-1111-3333" );*/
     System.out.println("2...........");
     ctx.bind(dn, attrs);
     } catch ( javax.naming.NamingException ex ) {
     System.err.println("Fail to Add Entry\n");
     ex.printStackTrace();
Any help is highly appreciated.
Thanks in Advance
DARMA

You're adding the entry "ou=people,dc=company,dc=co,dc=in" and not an entry under "ou=people,dc=company,dc=co,dc=in".
The dn of the new entry should be something like "cn=Sai Krishna,ou=people,dc=company,dc=co,dc=in" when you call ctx.bind(dn,...)

Javax.naming.AuthenticationNotSupportedException:[LDAP:error Code 13

package test;
import java.util.Hashtable;
import java.util.Enumeration;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.*;
public class Test1{
public static void main(String[] args) {
     try{
          Hashtable env = new Hashtable();
               env.put(Context.INITIAL_CONTEXT_FACTORY,INITCTX);
               env.put(Context.PROVIDER_URL,My_HOST);
               env.put(Context.SECURITY_AUTHENTICATION,"simple");
               env.put(Context.SECURITY_PRINCIPAL,MGR_DN);
               env.put(Context.SECURITY_CREDENTIALS,MGR_PW);
               DirContext ctx=new InitialDirContext(env);
          }catch(Exception e){
               e.printStackTrace();
               System.exit(1);
     public static String INITCTX="com.sun.jndi.ldap.LdapCtxFactory";
     public static String My_HOST="ldap://192.168.0.88:389";
     public static String MGR_DN="uid=kvaughan,ou=people,o=airius.com";
     public static String MGR_PW="bribery";
     public static String MY_SEARCHBASE="o=Airius.com";
javax.naming.AuthenticationNotSupportedException:[LDAP:error Code 13 Confidentiality Required]

i have the same Exception
this post from 2003 and no one post an advice!!
the exception
javax.naming.AuthenticationNotSupportedException: [LDAP: error code 48 - Inappropriate Authentication]
but i found that it is related the
env.put(Context.SECURITY_AUTHENTICATION, "simple"); // 'simple' = username + password
simple, EXTERNAL, none
but after adding this line i still have the same error!!

Javax.naming.NameNotFoundException: LDAP: error code 32

Hey,
Scenario:
User ID does not exist. Two months before it was there. But right now user is no more.
Since I have returned obj1 which is of type LDAP which contains Strings of Name, User ID, Phone etc. What will be the return value? I have just returned like
attributes = getContextLdap(servletCtx);
if (attributes.getAll() == null) {
return obj1;
and throws me error javax.naming.NameNotFoundException: LDAP: error code 32
Rgds,
Jenni

One of the reason, as per your requirement, may due to PREDOMINANT catch block for javax.naming.NameNotFoundException.
Catch that exception.

Javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057

Hi All,
I getting the below OperationNotSupportedException while searching the LDAP container
"'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'".
In our application during the initial search i'm able to search the above container and get the results.But during subsequent search getting the below mentioned error.
javax.naming.OperationNotSupportedException: [LDAP: error code 12 - 00000057: LdapErr: DSID-0C09068F, comment: Error processing control, data 0, vece]; remaining name 'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3048)\
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)\
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)\
     at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1811)\
     at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)\
     at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)\
     at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)\
     at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:245)\
     at com.marimba.tools.ldap.physical.LDAPConnectionImpl.getResult(LDAPConnectionImpl.java:901)\
     at com.marimba.tools.ldap.physical.LDAPConnectionPoolImpl.searchWithConnection(LDAPConnectionPoolImpl.java:1369)\
     at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:402)\
     at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:238)\
     at com.marimba.tools.ldapsync.util.PageResultEnumeration.getNextPage(PageResultEnumeration.java:159)\
     at com.marimba.tools.ldapsync.policy.core.PolicySync.processNewPolicies(PolicySync.java:351)\
     at com.marimba.tools.ldapsync.policy.core.PolicySync.syncPolicies(PolicySync.java:164)\
     at com.marimba.tools.ldapsync.core.TargetSync.syncTargets(TargetSync.java:163)\
     at com.marimba.tools.ldapsync.core.LDAPDBSync.run(LDAPDBSync.java:617)\
     at java.lang.Thread.run(Thread.java:534)
Any idea why this exception is coming only in the subsequent search.
Any help would be greatly appriciated.
Thanks
Vallinayagam

Hope this question raised long back and no suitable answers provided. I want to share my solution which worked for this problem to all the developers hitting their heads to thier PC :-)
You must use single LDAP connection to retrive all the results.
For example:
If your query returns around 10000 results, best way to get the results is using paging. Let us assume you set the page size to 500. Once you retrieve the first 500 results LDAP Connection will give you cookie which stores the information on last page. We need to set the cookie to future use i.e., for retrieving next page (next 500 results). If the connection to get next page is new/different (can be new instance or retrieved from pool) you will get "javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057".
So, to avoid this you need to use the same LDAP connection (conext) till you retieve all the results.
Regards,
Nageswara Rao.V

LDAP: error code 49 - 80090308

I recently saw my log files as we were experiencing slowness in our application and found the follwoing error message :
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext
error, data 52e, v893]; remaining name 'dc=hess,dc=pri,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2735)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)
at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2549)
at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2523)
at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1904)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1809)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:313)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:238)
at com.retek.rsw.persistence.ldap.LdapRswSecurityDao.getGroupNames(LdapRswSecurityDao.java:197)
at com.retek.rsw.persistence.ldap.LdapRswSecurityDao.authenticateAndReadUser(LdapRswSecurityDao.java:92)
at com.retek.rsw.service.RswSecurity.getUser(RswSecurity.java:47)
at com.retek.rsw.ui.control.security.LoginDoneAction.perform(LoginDoneAction.java:37)
at org.apache.struts.action.ActionServlet.processActionPerform(ActionServlet.java:1787)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1586)
at com.retek.struts.action.ActionServlet.process(ActionServlet.java:227)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:510)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
Can anyone please help me understand this message. I looked it up on the internet and it said that you DN's are not set properly, if that is the case then none of the users should be able to login then howcome users are able to login?
Thanks in Advance,
Joyce

LDAP error code 49 means that invalid credentials were provided, so perhaps the application is trying to bind with the wrong dn/password.

LDAP: error code 49

Hi,
I am testing a single sign-on with spnego configuration. When I run diagtool spnego.conf, I always get this error.
Error connecting to the LDAP server
[EXCEPTION]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece�]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2735)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.init(InitialContext.java:219)
at javax.naming.InitialContext.<init>(InitialContext.java:195)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:80)
at com.sap.engine.config.diagtool.lib.ldap.LDAPServer.connect(LDAPServer.java:99)
at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.checkServiceUser(MSActiveDirectoryKrbTest.java:153)
at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.execute(MSActiveDirectoryKrbTest.java:127)
at com.sap.engine.config.diagtool.Task.execute(Task.java:55)
at com.sap.engine.config.diagtool.Launcher.run(Launcher.java:343)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.config.diagtool.Launcher.main(Launcher.java:394)
Please help me to figure out what's wrong, and I would greatly appreciate that.
Regards,
-Napadol

Hello,
You have implemented a trusted domain tree configured with a cross-referrals in order to forward the DNs to another LDAP within the domain. Most probably you login onto an LDAP server that forwards the search request (aka the logon request). As the LDAP connection is not configured against referrals, the authentication to LDAP fails.
for more details, see http://support.microsoft.com/kb/241737
This is a known issue on the DiagTool that the SAP NW Security Developers currently investigate.
Please use the WebDiagtool for root cause analysis. It provides the same functionality. If you'd like to collect the user data from the LDAP server (as the DiagTool does it automatically), please use ldifde command directly on the MS host.
Cheers,
Tsvetomir

[LDAP: error code 49 - Invalid Credentials]

New to OID. Using Jdev 10.1.3 and then have following code. user is apenlast and password is penlast2.
I want to get all the attributes for this user from OID. But I keep getting this error.
javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
Actually from SSO login screen, if I try login using apenlast/penlast2 I can successfully login to OID. Then why this error from code ??
InitialDirContext ctx1 = ConnectionUtil.getDefaultDirCtx
( "ormi://br-dev3.fjcs.net:399",
"389",
"cn=apenlast",
"penlast2" );
System.out.println("TTTTTTTTTTTTTTTTTTTTT "+ctx1.getAttributes("uid"));

probably you're not using using the fully qualified DN.
the users are stored by default under cn=users,dc=yourDOMAIN
so u should try cn=apenlast,cn=users,dc=yourDOMAIN.
regards,
--Olaf

LDAP: error code 53 - Function Not Implemented

Hi All,
While doing search on Oracle internet directory server(oracle ldap server),
we are getting following exception.
Exception
in thread "main" javax.naming.OperationNotSupportedException: [LDAP:
error code 53 - Function Not Implemented]; remaining name
'ou=people,dc=test,dc=com'
     at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3058)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
     at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
     at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
     at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
     at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
     at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
     at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
     at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
     at DifferentSearches.doFilterSearch(DifferentSearches.java:99)
     at DifferentSearches.main(DifferentSearches.java:23)
Following is the code -
code:
     DirContext ctx= getDirContext();
     SearchControls ctls = new SearchControls();
     ctls. setReturningObjFlag (true);
     ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
     String filter = "(displayname=chandra)";
     NamingEnumeration answer = ctx.search("ou=people,dc=test,dc=com", filter, ctls);
     formatResults(answer);
     ctx.close();
When we search on the added attributes (like currentsession count) it works
fine. For this we had to enable index in OID on this field. But this is
not possible for the default attributes. OID does not provide a way to
enable indexing on these attributes. Could someone please let us know
how we can search on default attributes ?
Regards
Rahul
Edited by: Rahul_Sonawale on Oct 17, 2008 4:26 AM

Thanks Rajiv for reply.
I had read that thread before posting this. However, this is lightly different.
From other sites I can see that if it's caused by indexing, the error msg would say so and also tell you which attribute it is.
Some one suggested it's OID dropping the database connections intermittantly and should check both CRS ORACLE_HOME and RDBMS ORACLE_HOME have SQLNET.EXPIRE_TIME set and check the TNS and alert logs on the DB side for any other possible connection failure.
From some OID log we do see it has lost database connection:
OID logs in /u01/oid/oid_inst/diagnostics/logs/OID/oid1 :
ConnID:76 mesgID:2 OpID:1 OpName:search ConnIP:10.244.87.239 ConnDN:cn=policyrwuser,cn=users,dc=us,dc=oracle,dc=com
[gsldecfsFetchEntries] ORA error 3135: ORA-03135: connection lost contact
Process ID: 29973
Session ID: 164 Serial number: 3
I should post another thread for oid lost db connection.

Use of LdapRealm results in [LDAP: error code 32 - No Such Object]

Hi,
I'm testing with the example 'basic-auth' of the SJSAS7 2004Q2 with the LdapRealm.
This little test app can successfully authenticate my user against LDAP.
package de.zdf.qmv.helloworld.test;
import javax.naming.*;
import javax.naming.directory.*;
import java.util.Hashtable;
public class TestLdap {
public static void main(String[] args) {
    Hashtable env = new Hashtable();
    env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
    env.put(Context.PROVIDER_URL,            "ldap://123.123.123.123:389/o=aaa");
    env.put(Context.SECURITY_AUTHENTICATION, "simple");
    env.put(Context.SECURITY_PRINCIPAL,      "uid=myuser,ou=ddd,o=ccc,o=bbb,o=aaa");
    env.put(Context.SECURITY_CREDENTIALS,    "mypwd");
    try {
      DirContext ctx = new InitialDirContext(env);
      ctx.close();
    } catch (Exception e) {
      e.printStackTrace();
}But when I try to use these Settings for the LDAP Security Realms in the AppServer it doesn't work.
<auth-realm name="ldap" classname="com.iplanet.ias.security.auth.realm.ldap.LDAPRealm">
<property value="ldap://123.123.123.123:389/o=aaa" name="directory"/>
<property value="ou=ddd,o=ccc,o=bbb,o=aaa" name="base-dn"/>
<property value="ldapRealm" name="jaas-context"/>
</auth-realm>I get this error:
AM: Processing login with credentials of type: class com.sun.enterprise.security.auth.login.PasswordCredential
FEIN: Logging in user [myuser] into realm: ldap using JAAS module: ldapRealm
AM: Login module initialized: class com.iplanet.ias.security.auth.login.LDAPLoginModule
AM: search: baseDN: ou=ddd,o=ccc,o=bbb,o=aaa filter: uid=myuser
WARNUNG: SEC1106: Error during LDAP search with filter [uid=myuser].
WARNUNG: SEC1000: Caught exception.
javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'ou=ddd,o=ccc,o=bbb,o=aaa'Is the base-dn of the LDAP Security Realms properties the equivalent to the SECURITY_PRINCIPAL (without uid= )?
Is there a missing property in the LDAP Security Realms properties to get this work?
Thanks for your help

I have the same error with my code...
Hashtable env = new Hashtable();
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
env.put(Context.PROVIDER_URL, "ldap://localhost");
Context ctx = new InitialContext(env);
SQLServerDataSource mds = new SQLServerDataSource();
ctx.bind("jdbc/, mds);
// ERROR!!!!LDAP: error code 32 - No Such Object
I just installed the qcslapd.exe, running qcslapd -debug i get the result:
20030514 14:28:13 conn=6 fd=2 connection from e700 (127.0.0.1)
20030514 14:28:13 conn=6 op=0 BIND dn="" method=128
20030514 14:28:13 unknown version 3
20030514 14:28:13 conn=6 op=1 BIND dn="" method=128
20030514 14:28:13 conn=6 op=0 RESULT err=2 tag=97 nentries=0
20030514 14:28:13 conn=6 op=1 RESULT err=0 tag=97 nentries=0
20030514 14:28:13 conn=6 op=2 SRCH base="jdbc" scope=0 filter="(objectclass=*)"
20030514 14:28:14 conn=6 op=2 RESULT err=32 tag=101 nentries=0
can you help... HELP

OID - OperationalNotSupportedException: [LDAP: error code 53 - Server ... ]

Hi,
I'm using JNDI (Java Native Directory Interface) accessing OID, and I received a javax.naming.OperationalNotSupportedException: [LDAP: error code 53 - Server currently in read only mode. Update operations not allowed];
I am not sure what's wrong.
I tried the following command
"./ldapsearch -b "" -s base "objectclass=*" orclservermode" The returned result is "orclservermode=rw"
So it is in read-write mode. I'm not sure what's wrong.
This started happen after I apply the 10.1.4.2.0 patch.

Unfortunately I am not an OID expert so I can't really comment on the OID server part of the problem.
What I actually have plenty of experience of is the JNDI package and there has been a number of times when the error messages produced by JNDI have been cryptic or simply wrong. I would recommend sniffing the LDAP connection and check what error messages are actually created by the OID server.
Good luck!
/M

LDAP Error code:32

Hi All
I configured LDAP resource adapter in IDM 6.0. I was trying to reconcile and it was throwing this error
Error iterating accounts for resource LDAP localhost:
com.waveset.util.WavesetException: There was a problem enumerating accounts com.waveset.util.WavesetException: Error iterating over objects javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]
Everything in LDAP looks good. Not able to figure out where i amde a mistake. Any help is appreciated
Thanks
sungirl

Hi
Answering my own question. There was a mistake in Base DN in resource configuration. Correcting that fixed the error.
Thanks
sungirl

LDAP: error code 53 - 0000055E: SvcErr: DSID-031A0FC0, problem 5003

Hi,
I Am trying to add an User(whose Primary Group is'Domian users') to a Group called "CN=DS_Disabled_IG,OU=Common,OU=Access Management,OU=Security Groups,OU=BAND,dc=something,DC=com" by using the below code:
LdapContext ctx = null;
ctx = new InitialLdapContext(env, null);
String groupDn = "CN=DS_Disabled_IG,OU=Common,OU=Access Management,etc....";
String completeDnOfUser = "This will be the current DN of the user";
ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("member", completeDnOfUser));
ctx.modifyAttributes(groupDn, mods); ------- line A
At 'line A' exception is being throwed as below:
In Exception catch block [LDAP: error code 53 - 0000055E: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000055E: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
remaining name 'CN=DS_Disabled_IG,OU=Common,OU=Access Mana etc......'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3114)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at goes on ......
But the same code is working for me in Lower environment but not in one of the upper environment.
It would of great help, if anyone can suggest solution on this.

Hi Colin,
I am talking about adding the user to a Disabled Group using the below code :
ModificationItem[] mods = new ModificationItem[1];
mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
new BasicAttribute("member", completeDnOfUser));
ctx.modifyAttributes(groupDn, mods);
But what i suspect here is we should use ADD_ATTRIBUTE instead of REPLACE_ATTRIBUTE. Is that so?
This code success rate in local environment is 70% or 80%(around 70 users passed out of 100 users) but whereas in one of the Upper environment during initial days the same success rate was >70% and then nowadays suddenly it started failing for all the users completely 0%. So I have a confusion here ???
Yes, Domain Users is not a real Ldap group here but what i was conveying here is all created users will be assigned to this group.
Colin, what are those LDP or third party Applications and how useful it will be here??
Regards,
kiran

Javax.naming.AuthenticationException [LDAP: error code 49 - 80090308

Similar Messages

Maybe you are looking for