Return-Path: X-Original-To: apmail-directory-api-archive@minotaur.apache.org Delivered-To: apmail-directory-api-archive@minotaur.apache.org Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by minotaur.apache.org (Postfix) with SMTP id 63AB517C70 for ; Wed, 21 Oct 2015 12:21:05 +0000 (UTC) Received: (qmail 39548 invoked by uid 500); 21 Oct 2015 12:21:05 -0000 Delivered-To: apmail-directory-api-archive@directory.apache.org Received: (qmail 39524 invoked by uid 500); 21 Oct 2015 12:21:05 -0000 Mailing-List: contact api-help@directory.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: api@directory.apache.org Delivered-To: mailing list api@directory.apache.org Received: (qmail 39511 invoked by uid 99); 21 Oct 2015 12:21:04 -0000 Received: from Unknown (HELO spamd4-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 21 Oct 2015 12:21:04 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd4-us-west.apache.org (ASF Mail Server at spamd4-us-west.apache.org) with ESMTP id 650F9C0FC5 for ; Wed, 21 Oct 2015 12:21:04 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd4-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: -0.121 X-Spam-Level: X-Spam-Status: No, score=-0.121 tagged_above=-999 required=6.31 tests=[DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001] autolearn=disabled Authentication-Results: spamd4-us-west.apache.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from mx1-us-east.apache.org ([10.40.0.8]) by localhost (spamd4-us-west.apache.org [10.40.0.11]) (amavisd-new, port 10024) with ESMTP id nhm1gbVmJHj1 for ; Wed, 21 Oct 2015 12:21:03 +0000 (UTC) Received: from mail-wi0-f169.google.com (mail-wi0-f169.google.com [209.85.212.169]) by mx1-us-east.apache.org (ASF Mail Server at mx1-us-east.apache.org) with ESMTPS id 6F9E8439C2 for ; Wed, 21 Oct 2015 12:21:03 +0000 (UTC) Received: by wicll6 with SMTP id ll6so71588953wic.1 for ; Wed, 21 Oct 2015 05:21:02 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=71L+0f/IM1TIkcbD8BRPscMl6K/45RFsRsFFDyFWyj0=; b=s9Hw89g1wXBaQ+LOsUgV3H+HJggyhIeu9mVY/28j/q35UHq4VQ/TNwydy5PYuDcw38 fRnO5W08JBDozlTZpDJoc0W4/meFM0m0nPvVdJeuupjvzjzSROPGSVnXTZwb1GHG63zZ 6fa0v/CV+w0Or+nuHF8rrj6nfiFo6+Dhz1GDd5k6lfYuv/DVDkljhJB3/ib0ATZ6IRS6 UOunSpD+MH62qHmJ0/t/rL+C/qb0prSpJcWA8Mfy2ngAbyjCeoUvug7KZO5FgEJzJxCJ pVG4Q8gsJc8wzYBSNgl1/k/V/mjUOFkWsfeh5yUxzdb56PuePWXezjtfBczDWohP252R yYMA== X-Received: by 10.180.35.163 with SMTP id i3mr35992579wij.55.1445430062256; Wed, 21 Oct 2015 05:21:02 -0700 (PDT) Received: from [192.168.1.29] (AMontsouris-651-1-150-45.w83-202.abo.wanadoo.fr. [83.202.69.45]) by smtp.googlemail.com with ESMTPSA id h7sm10103321wjz.7.2015.10.21.05.21.01 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 21 Oct 2015 05:21:01 -0700 (PDT) Subject: Re: Ldap Bind gives AccessSecurityContext error, data 20ee To: api@directory.apache.org References: <70b952e3d06e4e0087189e7665dd727e@MBX01C-ORD1.mex08.mlsrvr.com> From: =?UTF-8?Q?Emmanuel_L=c3=a9charny?= X-Enigmail-Draft-Status: N1110 Message-ID: <56278326.1040700@gmail.com> Date: Wed, 21 Oct 2015 14:20:54 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 MIME-Version: 1.0 In-Reply-To: <70b952e3d06e4e0087189e7665dd727e@MBX01C-ORD1.mex08.mlsrvr.com> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Le 20/10/15 23:32, Jayant Pandit a =C3=A9crit : > Hello, > > I am just starting on an app to read users list from LDAP. I am trying = the LDAP API for this. Domain controller is running windows 2012 R2 serve= r. I could do it in .net but I prefer to do it in Java as the final produ= ct will be a web-app. I am trying just a simple bind and it keeps giving = this exception. The statement giving exception is very simple - > > conn.bind("....user dn....","..password.."); > > The user DN is correct. I found it from the dsquery for the user. If I = run it on a computer outside the domain, not even connected, I get events= 2536 and 2537 on the ldap service at times. I have been trying various t= hings like changing service users etc. so I couldn't keep track of exactl= y when I get 2536 and when 2537. If I run the program on the domain contr= oller itself I get same error but no offending events. Rather confusing. = There are no other objectionable events in the service event log. Can you try using Directory Studio to bind using this user and creds, to see what's wrong ? Otherwise, I have no idea what those 2536/2537 events can be. If you have more information about what they mean, that would be appreciated. Same for the errors you get on the domain controller : what are they ?