错误而从AD服务器

Question

package mypack; 

import java.util.*; 
import javax.naming.*; 
import javax.naming.directory.*; 

public class ADCheck { 
    public static void main(String[] args) { 
     try { 
      Hashtable env = new Hashtable(); 
      env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory"); 
      env.put(Context.PROVIDER_URL,"LDAP://myad.com:385"); 
      env.put(Context.SECURITY_AUTHENTICATION,"DIGEST-MD5"); 
      env.put(Context.SECURITY_PRINCIPAL,"MY_USER_NAME"); 
      env.put(Context.SECURITY_CREDENTIALS, "MY_PASSWORS"); 
      DirContext ctx = new InitialDirContext(env); 
      ctx.close(); 
     } catch(NamingException ne) { 
      System.out.println("Error authenticating user:"); 
      System.out.println(ne.getMessage()); 
      return; 
     } 
     System.out.println("OK, successfully authenticating user"); 
    } 
} 

使用认证获取错误：

javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece.

请帮助

Answer 1

https://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5266

When testing authentication to an Active Directory server, you may see this error:

Authentication Error: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece].

Resolution or Workaround:

This can occur if the Host Type in the Remote Domain configuration is incorrect. Change the Host Type to Active Directory (or vice versa):

还要检查 http://www.websina.com/bugzero/faq/ldap-error-code-49.html

A: This error is caused by the wrong setting of
java.naming.security.principal.

A full DN must be used here, something like:

CN=FName LName,OU=OrgUnit_the_user_stored_in,DC=Domain_name,DC=Domain_suffix