U0051002 LDAP error invalidCredentials

Document ID : KB000088303
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Using LDAP for a USER object and logging into the Automic GUI may throw an error back. Below are some examples of these errors:

LDAP message 'U0051002 LDAP message 'BindResponse' with result code 'invalidCredentials', message: &03 
U0004515 Access violation: User: 'E11384/ADPRODDPROD' Host: 'DCHI040735' Reason: Incorrect logon.
U0051002 LDAP message 'SearchResultDone' with result code 'referral', message: 0000202B: RefErr: DSID-0310063C, data 0, 1 access points
U0051002 LDAP message 'BindResponse' with result code 'invalidCredentials', message: 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece

 

 

 

 

Resolution:

When contacting Automic, the first recommendation will be to use a TestLDAP tool that is basically the Microsoft API tool that Automic uses to authenticate against LDAP. Information on this tool is below.​

Below is a .zip file called TestLDAP.zip.  Instructions on how to use this are below:

1. copy the .zip file to the local disk (e.g. C:\temp) and extract the entire .zip archive
Your directory structure should now look like:
  
C:\Temp\Testldap\bin 
C:\Temp\Testldap\temp\ldap 
 
2. start a command prompt in the ..\Testldap\bin directory or navigate to the ..\Testldap\bin directory.
There are two files: testldap.exe, zu00132.dll
  
3. Run the test as follows: 
C:\Temp\Testldap\bin\testldap -s <ldapservername:port> -u <domain\user> -p <pass>

Use the user that the authentication failed on previously with the error.
   
A trace will be created: C:\Temp\Testldap\temp\ldap\ldap_trc00.txt ​

Trace analysis

If there is an error, this will be output both in the command window and in the ldap trace file (\temp\ldap\ldap_trc00.txt).  This shows that there is something wrong with the connection somewhere.  An LDAP admin should be able to view the command line output and see what the problem is.

If help is needed in finding the error message, please send the command line output and the trace file to Automic Support who will attempt to help.

Below is an example of the command line output if the authentication is successful:

authentication successful
MAIL = something@something.m
cn = username
distinguishedName = CN=username,OU=ServiceAccounts,OU=Users,OU=WA,OU=US,OU=A
DM,DC=domain,DC=domain,DC=domain
authentication successful
MAIL = something@something.m
cn = username
distinguishedName = CN=username,OU=ServiceAccounts,OU=Users,OU=WA,OU=US,OU=A
DM,DC=domain,DC=domain,DC=domain
LDAP test returns: 51002
retText = BindResponse|invalidCredentials|80090308: LdapErr: DSID-0C0904DC, comm
ent: AcceptSecurityContext error, data 57, v1db1|

File Attachments:
TestLDAP.zip