javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030B: LdapErr:DSID-0C09043E

Michael B Allen ioplex at gmail.com
Thu Feb 28 15:52:39 EST 2008


On 2/27/08, Ramesh Rao <rao.rao.d at gmail.com> wrote:
>  > Hi ,
>  >
>  > I have a setup as follows:
>  > 1. Win2003 AD Server
>  > 2. Win2003 Client connected to the AD Domain
>  > 3. Now i have  krb5.ini, Java Program and JASS conf files (Please
>  > find attachment for these files)
>  > 4. When i try to run
>  > java -Djava.security.auth.login.config=searchWithAuth.conf -
>  > Djava.security.krb5.conf=krb5.ini -Dsun.security.krb5.debug=true
>  > SearchWithAuth
>  >
>  > Iam getting the following:
>  > D:\Kerberostools>java -
>  > Djava.security.auth.login.config=searchWithAuth.conf -Dja
>  > va.security.krb5.conf=krb5.ini -Dsun.security.krb5.debug=true
>  > SearchWithAuth
>  > Kerberos username [Ramesh.rao]: Ramesh.rao
>  > Kerberos password for Ramesh.rao: Password12
>  > >>> EType: sun.security.krb5.internal.crypto.DesCbcMd5EType

Are you sure the account for 'Ramesh.rao' in AD is using DES? User
accounts are RC4 by default unless the "This account uses DES
encryption" flag is set.

Mike

<snip huge unnecessary hexdump output>
>  > javax.naming.AuthenticationException: [LDAP: error code 49 -
>  > 8009030B: LdapErr:
>  > DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece ]
>  >         at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)
>  >         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:
>  > 2934)
>  >         at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:
>  > 2735)
>  >         at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)
>  >         at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
>  >         at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL
>  > (LdapCtxFactory.java:175)

-- 
Michael B Allen
PHP Active Directory SPNEGO SSO
http://www.ioplex.com/



More information about the Kerberos mailing list