November 19th, 2004, 08:42 AM
Active Directory (Microsoft LDAP SDK) : Problem with ldap_bind_s
I am binding a user with correct password to active directory(SSL enabled). The user's
attribute “User Must Change password at next logon” is set (i.e. pwdLastSet=0).
lderr = ldap_bind_s(ld, (char *) (LPCTSTR) szPath,(char *) (LPCTSTR) szPassword, LDAP_AUTH_NEGOTIATE);
ldap_get_lderrno(pld->m_pLdap, NULL, &szErrmsg);
1. lderr = 49
2. szErrmsg = "8009030C: LdapErr: DSID-0C0903E2, comment:
AcceptSecurityContext error, data 0, v893"
The error message I got is same when I try to bind a user with wrong password and whose attribute pwdLastSet= -1.
How will I distinguish that user login is rejected due to bad password or pwdLastSet=0 ?
I am sure there is no problem with SSL or other AD configuration.
January 11th, 2005, 05:26 AM
Problem with "pwdLastSet=0"
I try to connect to an ad server over SSL and ldapv3. The problem is the interpretation of the answer from the ad server. The perl modules return me the error 49, but the user and password is correct, and "pwdlastset=0".
During my search for a solution for my problem, I found your posting about the same problem I actually have, but no replies.
So I hope you have a solution and can already tell me your solution.