Error resetting AD password LDAP: error code 19

I am getting following exceptions when i try to reset the password of some users in some of my Active directories.
please help me
//set password is a ldap modify operation               
               ModificationItem[] mods = new ModificationItem[2];
               String oldQuotedPassword =
                    AD_PASSWORD_QUOTE + oldPassword + AD_PASSWORD_QUOTE;
               byte[] oldUnicodePassword =
                    oldQuotedPassword.getBytes(AD_PASSWORD_ENCODE);
               String newQuotedPassword =
                    AD_PASSWORD_QUOTE + newPwd + AD_PASSWORD_QUOTE;
               byte[] newUnicodePassword =
                    newQuotedPassword.getBytes(AD_PASSWORD_ENCODE);
               mods[0] =
                    new ModificationItem(
                         DirContext.REMOVE_ATTRIBUTE,
                         new BasicAttribute(
                              AD_PASSWORD_ATTRIBUTE,
                              oldUnicodePassword));
               mods[1] =
                    new ModificationItem(
                         DirContext.ADD_ATTRIBUTE,
                         new BasicAttribute(
                              AD_PASSWORD_ATTRIBUTE,
                              newUnicodePassword));
               TR.trace(
                    Trace.LEVEL1,
                    "changeADPassword",
                    "Start reset password for AD ");
               // Perform the update of pasword.               
               ctx.modifyAttributes(dnUser, mods);
Unable to changePassword - Reason: com.ibm.swservices.websphere.registry.RegistryException: Could not change AD password. Reason: javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 00000005: AtrErr: DSID-03190EFF, #1:
     0: 00000005: DSID-03190EFF, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd); remaining name 'CN=zxx22,OU=Test,OU=Clients,OU=Customer,DC=xxx,DC=xxx'
faultActor: null
faultDetail:
javax.xml.soap.SOAPException: Unable to changePassword - Reason: com.ibm.swservices.websphere.registry.RegistryException: Could not change AD password. Reason: javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 00000005: AtrErr: DSID-03190EFF, #1:
     0: 00000005: DSID-03190EFF, problem 1005 (CONSTRAINT_ATT_TYPE), data 0, Att 9005a (unicodePwd); remaining name 'CN=zxx22,OU=Test,OU=Clients,OU=Customer,DC=xxx,DC=xxx'
     at com.ibm.ws.webservices.engine.WebServicesFault.makeFault(WebServicesFault.java:156)
     at com.ibm.ws.webservices.engine.providers.java.JavaProvider.invoke(JavaProvider.java:294)
     at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:212)
     at com.ibm.ws.webservices.engine.handlers.WrappedHandler.invoke(WrappedHandler.java:61)
     at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:212)
     at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:212)
     at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:255)
     at com.ibm.ws.webservices.engine.transport.http.WebServicesServlet.doPost(WebServicesServlet.java:893)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code))
     at com.ibm.ws.webservices.engine.transport.http.WebServicesServletBase.service(WebServicesServletBase.java:341)
     at javax.servlet.http.HttpServlet.service(HttpServlet.java(Compiled Code))
     at com.ibm.ws.cache.servlet.ServletWrapper.serviceProxied(ServletWrapper.java(Inlined Compiled Code))
     at com.ibm.ws.cache.servlet.CacheHook.handleFragment(CacheHook.java(Compiled Code))
     at com.ibm.ws.cache.servlet.CacheHook.handleServlet(CacheHook.java(Compiled Code))
     at com.ibm.ws.cache.servlet.ServletWrapper.service(ServletWrapper.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.StrictServletInstance.doService(StrictServletInstance.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet._service(StrictLifecycleServlet.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.IdleServletState.service(StrictLifecycleServlet.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.StrictLifecycleServlet.service(StrictLifecycleServlet.java(Inlined Compiled Code))
     at com.ibm.ws.webcontainer.servlet.ServletInstance.service(ServletInstance.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.ValidServletReferenceState.dispatch(ValidServletReferenceState.java(Compiled Code))
     at com.ibm.ws.webcontainer.servlet.ServletInstanceReference.dispatch(ServletInstanceReference.java(Inlined Compiled Code))
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.handleWebAppDispatch(WebAppRequestDispatcher.java(Compiled Code))
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.dispatch(WebAppRequestDispatcher.java(Compiled Code))
     at com.ibm.ws.webcontainer.webapp.WebAppRequestDispatcher.forward(WebAppRequestDispatcher.java(Compiled Code))
     at com.ibm.ws.webcontainer.srt.WebAppInvoker.doForward(WebAppInvoker.java(Compiled Code))
     at com.ibm.ws.webcontainer.srt.WebAppInvoker.handleInvocationHook(WebAppInvoker.java(Compiled Code))
     at com.ibm.ws.webcontainer.cache.invocation.CachedInvocation.handleInvocation(CachedInvocation.java(Compiled Code))
     at com.ibm.ws.webcontainer.cache.invocation.CacheableInvocationContext.invoke(CacheableInvocationContext.java:116)
     at com.ibm.ws.webcontainer.srp.ServletRequestProcessor.dispatchByURI(ServletRequestProcessor.java(Compiled Code))
     at com.ibm.ws.webcontainer.oselistener.OSEListenerDispatcher.service(OSEListener.java(Compiled Code))
     at com.ibm.ws.webcontainer.http.HttpConnection.handleRequest(HttpConnection.java(Compiled Code))
     at com.ibm.ws.http.HttpConnection.readAndHandleRequest(HttpConnection.java(Compiled Code))
     at com.ibm.ws.http.HttpConnection.run(HttpConnection.java:449)
     at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:912)

It's most likely to be a password policy problem.
If your Active Directory password policy is enforcing password history, minimum password length, minimum password age or password complexity, then this will raise the LDAP Error Code 19 (invalid attribute exception), with an Active Directory problem code of 1005.

Similar Messages

  • [LDAP: error code 49 - Invalid Credentials]

    New to OID. Using Jdev 10.1.3 and then have following code. user is apenlast and password is penlast2.
    I want to get all the attributes for this user from OID. But I keep getting this error.
    javax.naming.AuthenticationException: [LDAP: error code 49 - Invalid Credentials]
    Actually from SSO login screen, if I try login using apenlast/penlast2 I can successfully login to OID. Then why this error from code ??
    InitialDirContext ctx1 = ConnectionUtil.getDefaultDirCtx
    ( "ormi://br-dev3.fjcs.net:399",
    "389",
    "cn=apenlast",
    "penlast2" );
    System.out.println("TTTTTTTTTTTTTTTTTTTTT "+ctx1.getAttributes("uid"));

    probably you're not using using the fully qualified DN.
    the users are stored by default under cn=users,dc=yourDOMAIN
    so u should try cn=apenlast,cn=users,dc=yourDOMAIN.
    regards,
    --Olaf                                                                                                                                                                                                                                                                                                                                                                                                   

  • SGD-AD "LDAP error code 49"

    Dear all,
    I saw the following error in the server-login log file:
    2007/07/24 15:15:03.098 (pid 2698) server/login/moreinfo #1185261303098
    Loaded class com.sco.tta.server.login.LdapLoginAuthority: {
    LDAPRoot=.../_ldapmulti/forest/
    accountEnabledChecked=false
    anonLogin=false
    attemptPasswordChange=true
    generalLdapProfileName=.../_ens/o=Tarantella System Objects/cn=LDAP Profile
    mustChangePasswordResult[0]=LDAP: error code 49 - 80090308: LdapErr: DSID-0C090290, comment: AcceptSecurityContext error, data 701
    mustChangePasswordResult[1]=LDAP: error code 49 - 80090308: LdapErr: DSID-0C090290, comment: AcceptSecurityContext error, data 773
    mustChangePasswordResult[2]=LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030F, comment: AcceptSecurityContext error, data 773
    mustChangePasswordResult[3]=LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 773
    name=com.sco.tta.server.login.LdapLoginAuthority
    propAccEnabled=scottaaccountenabled
    userMustChangePasswordResult=LDAP: error code 49 - 80090308: LdapErr: DSID-0C090290, comment: AcceptSecurityContext error, data 773
    userPasswordExpiredResult=LDAP: error code 49 - 80090308: LdapErr: DSID-0C090290, comment: AcceptSecurityContext error, data 701
    version=4.31.905
    What should i do in my SGD server ?
    What should i do in my AD server ?
    What is the solution to resolve the error ?
    Appreciate any help given.

    Hi,
    I am also getting the same error. Please let me explain what i have encountered.
    In the active directory (version 2003), the administrator has limited the user to login to only his workstation. This has been set by putting his workstation host name or IP (which is allowed to accessed by the user) into a "log on to" list (at the user level) in Active Directory.There is another option if the administrator allow the user to be able to log on to any workstation, that is by checking the "log on to all computer" check box at that particular user id.
    When my user has been set to "log on to all computer", i don't encounter the error message i.e. error code 49, as mentioned in the subject of this topic. However, when a particular user has been limited to only access to his own workstation, the error appears. However, if the Active Directory server host name or IP has been added into the "log on to" list, the authentication is successful.
    My application is actually running on an application server and the user is using Internet Explorer to login to my application from his workstation. And also, the application server has been joined to the same domain as the Active Directory server. My question is, is it a must that the Active Directory server name be added to the "log on to" list of that particular user in order for it to be authenticated by Active Directory? Does anyone has any ideas why this is happening? I definitely don't want to add the AD server name into the list as this will give the user rights to login to the AD server. Any advise would be of great help. Thanks a million in advance.

  • Javax.naming.NameNotFoundException: LDAP: error code 32

    Hey,
    Scenario:
    User ID does not exist. Two months before it was there. But right now user is no more.
    Since I have returned obj1 which is of type LDAP which contains Strings of Name, User ID, Phone etc. What will be the return value? I have just returned like
    attributes = getContextLdap(servletCtx);
    if (attributes.getAll() == null) {
    return obj1;
    and throws me error javax.naming.NameNotFoundException: LDAP: error code 32
    Rgds,
    Jenni

    One of the reason, as per your requirement, may due to PREDOMINANT catch block for javax.naming.NameNotFoundException.
    Catch that exception.

  • Javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057

    Hi All,
    I getting the below OperationNotSupportedException while searching the LDAP container
    "'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'".
    In our application during the initial search i'm able to search the above container and get the results.But during subsequent search getting the below mentioned error.
    javax.naming.OperationNotSupportedException: [LDAP: error code 12 - 00000057: LdapErr: DSID-0C09068F, comment: Error processing control, data 0, vece]; remaining name 'ou=Subscriptions,ou=BMCMarimba,DC=marimba,DC=bmc-dns,DC=com'
         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3048)\
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)\
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)\
         at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1811)\
         at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)\
         at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)\
         at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)\
         at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:245)\
         at com.marimba.tools.ldap.physical.LDAPConnectionImpl.getResult(LDAPConnectionImpl.java:901)\
         at com.marimba.tools.ldap.physical.LDAPConnectionPoolImpl.searchWithConnection(LDAPConnectionPoolImpl.java:1369)\
         at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:402)\
         at com.marimba.tools.ldap.physical.LDAPPagedSearchPR.getPage(LDAPPagedSearchPR.java:238)\
         at com.marimba.tools.ldapsync.util.PageResultEnumeration.getNextPage(PageResultEnumeration.java:159)\
         at com.marimba.tools.ldapsync.policy.core.PolicySync.processNewPolicies(PolicySync.java:351)\
         at com.marimba.tools.ldapsync.policy.core.PolicySync.syncPolicies(PolicySync.java:164)\
         at com.marimba.tools.ldapsync.core.TargetSync.syncTargets(TargetSync.java:163)\
         at com.marimba.tools.ldapsync.core.LDAPDBSync.run(LDAPDBSync.java:617)\
         at java.lang.Thread.run(Thread.java:534)
    Any idea why this exception is coming only in the subsequent search.
    Any help would be greatly appriciated.
    Thanks
    Vallinayagam

    Hope this question raised long back and no suitable answers provided. I want to share my solution which worked for this problem to all the developers hitting their heads to thier PC :-)
    You must use single LDAP connection to retrive all the results.
    For example:
    If your query returns around 10000 results, best way to get the results is using paging. Let us assume you set the page size to 500. Once you retrieve the first 500 results LDAP Connection will give you cookie which stores the information on last page. We need to set the cookie to future use i.e., for retrieving next page (next 500 results). If the connection to get next page is new/different (can be new instance or retrieved from pool) you will get "javax.naming.OperationNotSupportedException:[LDAP: error code 12-00000057".
    So, to avoid this you need to use the same LDAP connection (conext) till you retieve all the results.
    Regards,
    Nageswara Rao.V                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                           

  • LDAP weird error on updating attributes, no error on reading

    I have to modify the email addresses of only some users in the LDAP database, hence I am doing a search for all objects with the specified email address and updating it using the modifyAttribute function......
    When I just read the properties the code works fine, but when I try to modify the attribute it throws me the following error
    javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'strsdistrid=3+strsdistruserid=isdfv01,ou=autodistributionobjects'
    javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'strsdistrid=3+strsdistruserid=isdfv01,ou=autodistributionobjects'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3013)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1440)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
    at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:146)
    at fullname.main(fullname.java:77)
    here is the code.....
    while (answer.hasMore()) {
    SearchResult sr = (SearchResult)answer.next();
    sr.setRelative(false);
    System.out.println(">>>" + sr.getName());
    String dn = sr.getName();
    Attributes attrs = sr.getAttributes();
    String givenName = " ";
    String surName = " ";
    try {
    givenName = attrs.get("mail").toString();
    } catch (Exception err) {
    givenName = " ";
    System.out.println(">>> [Email addresses] " + givenName);
    try {
    surName = attrs.get("document").toString();
    } catch (Exception e2) {
    surName = " ";
    System.out.println(">>> [Object name] " + surName);
    ModificationItem mods[] = new ModificationItem[1];
    // Put in mail
    Attribute mod0 = new BasicAttribute( "strsdistremailaddress","[email protected]");
    mods[0] = new ModificationItem(DirContext.REPLACE_ATTRIBUTE, mod0);
    System.out.println("Modifications set");
    ctx.modifyAttributes(sr.getName(),mods);
    All help is appreciated.

    Hi Timbuk,
    Iam also having a similar problem as yours.
    I have added groups into Active Directory, when i try to add users to groups, Iam getting the same exception.
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 00000525: NameErr: DSID-031A0F80, problem 2001 (NO_OBJECT), data 0, best match of:
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3057)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2978)
         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2785)
         at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1468)
         at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:273)
         at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:190)
         at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:179)
         at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:165)
            at com.loadtesting.main(AddingUser.java:414)
    Please let me know if you got solution for your problem. So that you can help me. Urgent
    Thanks in advance.
    Deebika                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

  • LDAP: error code 48 - Server is Configured to Deny Anonymous Binds

    Is it possible to authenticate user from java code when Anonymous binds in Oracle Internet Directory is disabled? I have been trying to make direct LDAP calls for authentication but it gives me error as below:
    javax.naming.AuthenticationNotSupportedException: [LDAP: error code 48 - Server is Configured to Deny Anonymous Binds];
    Appreciate help from fellow members.
    Thanks,
    Shivam

    You create a user entry in OID specifically to be used by your java application. Some folks refer to this type of user entry as a proxy or service or utility account. You may not want this service account to be located in your cn=users,dc=acme,dc=com container with the reset of your normal user entries. You may want to create a cn=serviceAccount,dc=acme,dc=com container (as an example) for all of these types of accounts. Or you can put it in your cn=users container, that's fine as well.
    cn=java-app-01,cn=serviceAccount,dc=acme,dc=com
    or
    cn=java-app-01,cn=users,dc=acme,dc=com
    Then your java app gets configured to use this account to perform an authenticated bind/search (in lieu of the anonymous bind/search) to find the full DN of the user logging into your java app. Most ldap enabled applications ask the user to provide only the common name (cn) or unixID (uid) and password at the application login prompt.
    1. The app then performs an anonymous bind/search for the full user entry DN of the user attempting to authenticate into the application.
    or
    2. The app then performs an authenticated bind/search (using the service account) for the full user entry DN of the user attempting to authenticate into the application.
    ...once the app receives back the full user entry DN, the app takes that full DN (dn: cn=gatesb,cn=users,dc=acme,dc=com) and the password provided by the user and attempts the user authentication.
    Hope this helps.....

  • Error while create user in LDAP - LDAP: error code 1

    Hi Guy's, I am getting below error while creating user in LDAP MS AD.
    cn=3001,ou=sAP_IDM,dc=springswf,dc=comcn<mx:TEXT>putNextEntry failed storingOU=SAP_IDM,DC=springswf,DC=com</mx:TEXT>
    <mx:LTEXT>Exception from Add operation:javaxnaming.NamingException: {LDAP: error code 1 = 00000000: LdapErr: DSID-OC090AE2, coment: In order to perform this operation a successful bind must be completed on the connection.,data0,vece
    Steps I am following:
    1. create a job through wizard and pick from (IC->jobs->Active Directory->Create Active Directory User)
    2. Destination tab values that I am passing:
    dn: cn=Dummyuser,ou=SAP_IDM,dc=<main domain>,dc=com
    objectClass: top|person|organizationalPerson|user
    sn: Surname
    givenName: GivenName
    displayName: Dummy user displayname
    Under <main domain> an OU has been created called SAP_IDM for testing user creation from IDM.
    Admin user account created called <XYZ> and has full control over SAP_IDM OU.
    I am passing <XYZ> credentials into my job for user creation.
    Thanks for you help!

    Farhan,
    Based on the error message presented,
    In order to perform this operation a successful bind must be completed on the connection
    Make sure that you're using the correct information to do the AD Bind.  User name should be something like cn=administrator,cn=users,dc=xxx,dc=xxx and the proper password.
    Matt

  • HT5538 Every time I try to use apple ID for face time I got an error message "the username or password was incorrect" although they are right and I use them in App Store and I cloud even after resetting my password

    Every time I try to use apple ID for face time I got an error message "the username or password was incorrect" although they are right and I use them in App Store and I cloud even after resetting my password, the problem happens also with iMessage . Please help

    For what it's worth, you posted this in 2011, and here in 2014 I am still having this same issue. Over the last two days, I have had to unlock my apple account 8 times. I didn't get any new devices. I haven't initiated a password reset. I didn't forget my password. I set up two factor authentication and have been able to do the unlocking with the key and using a code sent to one of my devices. 
    That all works.
    It's this having to unlock my account every time I go to use any of my devices. And I have many: iMac, iPad, iPad2, iPad mini, iPhone 5s, iPod touch (daughter), and my old iPhone 4 being used as an ipod touch now.  They are all synced, and all was working just fine.
    I have initiated an incident with Apple (again) but I know they are just going to suggest I change my Apple ID. It's a simple one, and one that I am sure others think is theirs. I don't want to change it. I shouldn't have to. Apple should be able to tell me who is trying to use it, or at least from where.
    Thanks for listening,
    Melissa

  • Install OCS 10.1.2 Infra DB failed with LDAP: error code 16 on Workspaces

    during install OCS Infrastructure DB OCS have error:
    ... processed key-value: logfile=/oracle/product/dbocs/workspaces/logs/cw_config_backend.log
    ... processed key-value: action=setup_backend
    ... processed key-value: oh=/oracle/product/dbocs
    ... processed key-value: oid=oid.domain
    ... processed key-value: oid_port=389
    ... processed key-value: oid_user_dn=cn=orcladmin
    ... processed key-value: oid_passwd=xxxxxx
    ... processed key-value: db_sn=ocs.domain
    ... processed key-value: dba_user=sys
    ... processed key-value: dba_passwd=xxxxxx
    ... processed key-value: cw_db_passwd=xxxxxx
    Attempting to set logfile to: /oracle/product/dbocs/workspaces/logs/cw_config_backend.log
    Processed oh=/oracle/product/dbocs
    BACKEND installation ...
    ... Trying to lookup database dn
    ... Obtain OID connection
    ...... Can not obtain OID ssl port.
    ...... OID port = "389"
    ...... Trying to establish a non-ssl connection. OID host "oid.domain", OID port "389", OID user dn "cn=orcladmin".
    ... OID connection created.
    ...... You must specify either db_dn or db_sn.
    ...... ldap search filter "(&(objectclass=orcldbserver)(orcldbglobalname=ocs.domain))"
    ...... Succesfully located database dn "cn=ocs,cn=OracleContext".
    ...... Database dn = "cn=ocs,cn=OracleContext"
    ... Validating existence and version of CW schema: "CWSYS" in database: "cn=ocs,cn=OracleContext".
    ... Obtain JDBC connect string
    ... JDBC connect string = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
    ...derived: "jdbc_str=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))".
    Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
    Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
    Unlocking schema and setting passwd: "CWSYS/xxxxxx".
    Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
    ... Checking Workspaces container.
    ... Container "cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext" already exist.
    ... Finish checking Workspaces container.
    ... Trying to create backend application entity in OID
    ...... Database dn = "cn=ocs,cn=OracleContext"
    ...... Backend entity name = "ocs"
    ...... Backend entity dn = "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext"
    ... Backend entries already exist. Cleanup old entries.
    deregisterProvisioningListener ...
    app dn = orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext
    subscriber = dc=domain,dc=com
    ... Trying to remove entity "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext".
    ... Deleting "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext"
    Adding Workspaces application entity to: cn=Service Registry Viewers,cn=Groups,cn=OracleContext
    Adding Workspaces application entity to: cn=Service Registry Admins,cn=Groups,cn=OracleContext
    ... Insufficient privilege to create application entity "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext". Please check the user DN and password.
    javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
    at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
    at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
    at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
    at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
    at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
    at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
    at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
    oracle.workspaces.install.CwCAException: Error while executing action: "setup_backend"
    Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]
    at oracle.workspaces.install.CwConfig.run(CwConfig.java:639)
    at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
    Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
    at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
    at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
    at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
    at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
    at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
    at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
    ... 1 more
    javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
    at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
    at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
    at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
    at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
    at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
    at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
    at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
    at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
    at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
    What should i do?
    help.
    Thanks

    closed
    Re: Install OCS 10.1.2 Infra DB failed with LDAP: error code 16 on Workspac

  • LDAP Newbie:    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT)

    Hi,
    I am getting the following error when I try to do a search on an ldap (AD LDS) database:
    javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT), data 0, best match of:
    'DC=AppPartFE,DC=com'
    ]; remaining name 'cn=Users,dc=AppPartFE,dc=com'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
    at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
    at javax.naming.directory.InitialDirContext.search(Unknown Source)
    at Test.<init>(Test.java:70)
    at Test.main(Test.java:118)
    I can bind successfully using either the userPrincipalName (UPN) or the Distinguished Name (DN), however my search is failing.
    It is almost as if I am connected to the db tree at the wrong place.  Do I need a different search scope?
    I appreciate any assistance you can provide.
    Here is my code:
    import java.util.*; 
    import static java.lang.System.err;
    import javax.naming.Context;
    import javax.naming.NamingEnumeration;
    import javax.naming.NamingException;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.SearchControls;
    import javax.naming.directory.SearchResult;
    import javax.naming.ldap.InitialLdapContext;
    import javax.naming.ldap.LdapContext;
    public class Test 
    public Test() 
      Properties prop = new Properties(); 
      prop.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory"); 
      prop.put("java.naming.provider.url", "ldap://MyHost.Mydomain.labs.CompanyX.com:50004");
      String strProviderUrl = "ldap://MyHost.Mydomain.labs.CompanyX.com:50004";
      // Can successfully bind with the userPrincipalName in AD LDS
      //prop.put("java.naming.security.principal", "[email protected]");
      // Can successfully bind with Distinguished Name
      // Note: the string is case insensitive and embedded blank after a comma is not a problem
       prop.put("java.naming.security.principal", "cn=tst0001,cn=Users,dc=AppPartFE,dc=com"); 
      prop.put("java.naming.security.credentials", "password"); 
      try { 
        LdapContext ctx = new InitialLdapContext(prop, null); 
        System.out.println("Bind successful");
    //I am successful to this point....
       //now try doing a search on another user
         String strFilter = "(&(objectClass=userProxy)(sAMAccountName=tst0001))";
        SearchControls searchControls = new SearchControls();
        searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); //works with object class=* to find top partition node
        NamingEnumeration<SearchResult> results = ctx.search("cn=Users,dc=AppPartFE,dc=com", strFilter, searchControls);
        SearchResult searchResult = null;
        if(results.hasMoreElements()) {
             searchResult = (SearchResult) results.nextElement();
            //make sure there is not another item available, there should be only 1 match
            if(results.hasMoreElements()) {
                System.err.println("Matched multiple users for the accountName");
      catch (NamingException ex) { 
        ex.printStackTrace(); 
    public static void main(String[] args) 
      Test ldaptest = new Test(); 

    Because you are specifiying a base distinguished name in your ldap url, the ldap context will be rooted at that context and all subsequent objects will be relative to that base distinguished name.//connect to my domain controller
    String ldapURL = "ldaps://rhein:636/dc=bodensee,dc=de";andString userName = "CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de";results in an fully distinguished name of:CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de,dc=bodensee,dc=deEither specify your ldap url asString ldapURL = "ldaps://rhein:636";and leave your username as is, or specify the user object relative to the base distinguished name in the ldapurlString userName = "CN=verena bit,OU=Lehrer,OU=ASR";

  • LDAP: error code 65

    i am trying to connect to the LDAP using the JNDI
    and i am getting the following error i was unable to solve it
    here i am posting my sample slapd.cof file as well as my source program and the error
    import java.util.Properties;
    import javax.naming.Context;
    import javax.naming.NameAlreadyBoundException;
    import javax.naming.directory.DirContext;
    import javax.naming.directory.InitialDirContext;
    public class MakeRoot {
    final static String ldapServerName = "localhost";
    final static String rootdn = "cn=Manager, o=jndiTest";
    final static String rootpass = "secret";
    final static String subContext = "o=jndiTest";
    public static void main( String[] args ) {
    // set up environment to access the server
    Properties env = new Properties();
    env.put( Context.INITIAL_CONTEXT_FACTORY,
    "com.sun.jndi.ldap.LdapCtxFactory" );
    env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" );
    env.put( Context.SECURITY_PRINCIPAL, rootdn );
    env.put( Context.SECURITY_CREDENTIALS, rootpass );
    try {
    // obtain initial directory context using the environment
    DirContext ctx = new InitialDirContext( env );
    // now, create the root context, which is just a subcontext
    // of this initial directory context.
    ctx.createSubcontext( subContext );
    } catch ( NameAlreadyBoundException nabe ) {
    System.err.println( subContext + " has already been bound!" );
    } catch ( Exception e ) {
    System.err.println( e );
    slapd.cof
    # See slapd.conf(5) for details on configuration options.
    # This file should NOT be world readable.
    ucdata-path     ./ucdata
    include          ./schema/core.schema
    include          ./schema/cosine.schema
    include          ./schema/inetorgperson.schema
    include          ./schema/java.schema
    # Define global ACLs to disable default read access.
    # Do not enable referrals until AFTER you have a working directory
    # service AND an understanding of referrals.
    #referral     ldap:/root.openldap.org
    pidfile          ./run/slapd.pid
    argsfile     ./run/slapd.args
    # Load dynamic backend modules:
    # modulepath     ./libexec/openldap
    # moduleload     back_bdb.la
    # moduleload     back_ldap.la
    # moduleload     back_ldbm.la
    # moduleload     back_passwd.la
    # moduleload     back_shell.la
    # Sample security restrictions
    #     Require integrity protection (prevent hijacking)
    #     Require 112-bit (3DES or better) encryption for updates
    #     Require 63-bit encryption for simple bind
    # security ssf=1 update_ssf=112 simple_bind=64
    # Sample access control policy:
    #     Root DSE: allow anyone to read it
    #     Subschema (sub)entry DSE: allow anyone to read it
    #     Other DSEs:
    #          Allow self write access
    #          Allow authenticated users read access
    #          Allow anonymous users to authenticate
    #     Directives needed to implement policy:
    # access to dn.base="" by * read
    # access to dn.base="cn=Subschema" by * read
    # access to *
    #     by self write
    #     by users read
    #     by anonymous auth
    # if no access controls are present, the default policy
    # allows anyone and everyone to read anything but restricts
    # updates to rootdn. (e.g., "access to * by * read")
    # rootdn can always read and write EVERYTHING!
    # BDB database definitions
    #database     bdb
    #suffix          "o=jndiTest"
    #rootdn          "cn=Manager,o=jndiTest"
    # Cleartext passwords, especially for the rootdn, should
    # be avoid. See slappasswd(8) and slapd.conf(5) for details.
    # Use of strong authentication encouraged.
    #rootpw          secret
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd and slap tools.
    # Mode 700 recommended.
    #directory     ./data
    # Indices to maintain
    #index     objectClass     eq
    database bdb
    #suffix "dc=stooges,dc=org"
    suffix "o=jndiTest"
    rootdn "cn=Manager,o=jndiTest"
    rootpw secret
    directory ./data
    defaultaccess read
    schemacheck off
    lastmod on
    error:
    javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'javaContainer' requires attribute 'cn']; remaining name 'o=jndiTest'

    I have updated the ldap java.schema with below entries, it is working fine
    objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1
         NAME 'javaContainer'
         DESC 'Container for a Java object'
         SUP top
         STRUCTURAL
         MAY ( o $ cn))

  • Javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21

    I have collected the following code from "http://www.concentric.net/~adhawan/tutorial/"
    import javax.naming.Context;
    import javax.naming.InitialContext;
    import javax.naming.NamingException;
    import javax.naming.NameAlreadyBoundException;
    import javax.naming.directory.*;
    import java.util.*;
    public class MakeRoot {
            final static String ldapServerName = "localhost";
            final static String rootdn = "cn=Manager, o=jndiTest";
            final static String rootpass = "secret";
            final static String rootContext = "o=jndiTest";
            public static void main( String[] args ) {
                    // set up environment to access the server
                    Properties env = new Properties();
                    env.put( Context.INITIAL_CONTEXT_FACTORY,
                             "com.sun.jndi.ldap.LdapCtxFactory" );
                    env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" );
                    env.put( Context.SECURITY_PRINCIPAL, rootdn );
                    env.put( Context.SECURITY_CREDENTIALS, rootpass );
                    try {
                            // obtain initial directory context using the environment
                            DirContext ctx = new InitialDirContext( env );
                            // now, create the root context, which is just a subcontext
                            // of this initial directory context.
                            ctx.createSubcontext( rootContext );
                    } catch ( NameAlreadyBoundException nabe ) {
                            System.err.println( rootContext + " has already been bound!" );
                    } catch ( Exception e ) {
                            System.err.println( e );
    }I am using the ldap server at here:
    http://download.bergmans.us/openldap/openldap-2.2.29/openldap-2.2.29-db-4.3.29-openssl-0.9.8a-win32_Setup.exe
    My slap.conf is:database     bdb
    suffix          "dc=jndiTest"
    rootdn          "cn=Manager,dc=jndiTest"
    # Cleartext passwords, especially for the rootdn, should
    # be avoid.  See slappasswd(8) and slapd.conf(5) for details.
    # Use of strong authentication encouraged.
    rootpw          secret
    # The database directory MUST exist prior to running slapd AND
    # should only be accessible by the slapd and slap tools.
    # Mode 700 recommended.
    directory     ./data
    # Indices to maintain
    index     objectClass     eqWhile running this code:
    ldap://localhost:389/
    javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - ob
    jectClass: value #0 invalid per syntax]; remaining name 'dc=jndiTest'
            at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
            at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
            at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(Unknown Source)
            at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(Unknown Source)
            at com.sun.jndi.toolkit.ctx.ComponentContext.p_createSubcontext(Unknown
    Source)
            at com.sun.jndi.toolkit.ctx.PartialCompositeContext.createSubcontext(Unk
    nown Source)
            at com.sun.jndi.toolkit.ctx.PartialCompositeContext.createSubcontext(Unk
    nown Source)
            at javax.naming.InitialContext.createSubcontext(Unknown Source)
            at MakeRoot.main(MakeRoot.java:35)It's obviously connecting with the given credentials and provider url. But then why is it not working?
    Any help would highly appreciated. Thanks in advance.

    That is right I agree. And I guess that happened because I was trying to doing different permutation-combination with the naming scheme and I forgot to update slapd.conf. And even after made that change it was showing the same error. The poster forgot to mention to include java.schema. That change made it work finally.
    Thanks for your reply.

  • DPS7: LDAP error code 52

    env: DPS7 on RH5. we are running into many types of connection issues...the following 3 are frequent..
    1. LDAP: error code 52 - Unable to read BIND response from server
    2. LDAP: error code 52 - Unable to read SEARCH response from backend server : Connection reset by peer
    3. LDAP: error code 52 - Unable to read SEARCH response from backend server : Timeout when waiting to read from input stream
    Appreciate someone helping me understand under what circumstances the above errors occur and what needs to be tweaked to limit them.
    Also, is there a way to configure DPS not to use connection pools and instead open fresh connections for each client operation. Why would I do that. I believe DPS needs a lot of timeout and monitoring times tweaking to make sure that the connections in the pool are monitored properly and kept active. Any suggestions here.

    Hi,
    Looks like the connections between DPS and DS are invalid. This gives rise to a great variety of error message depending on when the error is detected (read, write, timeout etc).
    In most cases, this is related to aggressive idle-timeout set on the DS side or HW LB that impacts DPS connection pooling.
    The dpconf property "monitoring-inactivity-timeout" , defaulted to 120s may be used to keep pooled connection alive.
    Hope this helps
    -Sylvain

  • LDAP: error code 49 - 80090308

    I recently saw my log files as we were experiencing slowness in our application and found the follwoing error message :
    javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext
    error, data 52e, v893]; remaining name 'dc=hess,dc=pri,dc=com'
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
    at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2735)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)
    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2549)
    at com.sun.jndi.ldap.LdapCtx.ensureOpen(LdapCtx.java:2523)
    at com.sun.jndi.ldap.LdapCtx.doSearch(LdapCtx.java:1904)
    at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1809)
    at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1734)
    at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:328)
    at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:313)
    at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:238)
    at com.retek.rsw.persistence.ldap.LdapRswSecurityDao.getGroupNames(LdapRswSecurityDao.java:197)
    at com.retek.rsw.persistence.ldap.LdapRswSecurityDao.authenticateAndReadUser(LdapRswSecurityDao.java:92)
    at com.retek.rsw.service.RswSecurity.getUser(RswSecurity.java:47)
    at com.retek.rsw.ui.control.security.LoginDoneAction.perform(LoginDoneAction.java:37)
    at org.apache.struts.action.ActionServlet.processActionPerform(ActionServlet.java:1787)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1586)
    at com.retek.struts.action.ActionServlet.process(ActionServlet.java:227)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:510)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    Can anyone please help me understand this message. I looked it up on the internet and it said that you DN's are not set properly, if that is the case then none of the users should be able to login then howcome users are able to login?
    Thanks in Advance,
    Joyce

    LDAP error code 49 means that invalid credentials were provided, so perhaps the application is trying to bind with the wrong dn/password.

Maybe you are looking for

  • During the start up of my imac, logon failed

    during the start up of my imac, logon failed and the user doesn't exit anymore . i have performed a password recovery and i'm using the mac root user. is it possible to recover my user and my profile ? and how ? this problem exist from the moment in

  • How to transfer files using Oracle Managed File Transfer from Oracle EBS 12.1.3

    Hello, I'm looking for ideas to securely transfer files bi-directional between Oracle EBS 12.1.3 to IIS using Oracle Managed File Transfer and SOA.  Any help is greatly appreciated. Thanks

  • Backward compatiblity between Reader 9 and PDFs created in Acrobat 6 and 7

    Older Acrobat 6 and 7 versions created a number of PDFs that are now being used in Reader 9. Originally, they were generated on a Mac using Distiller 5.0 (PDF 1.4) settings. Forms fields and security were applied in Acrobat 6 and 7 and uploaded for o

  • Can not move apps

    under mavericks I can not move apps to a new directory with out it turing into an alias. please let me know how I can fix this.

  • Virtual Key Figures - How are they triggered?

    HI, I am trying to implement the Virtual Key Figure user-exit. I have created all the necessary coding and activated the user-exit. My cube contains data but the VKF in question has not been populated with any data because I have set the update rules