unicheckldap fails: AcceptSecurityContext error, data 52e, v1db1

Document ID : KB000086530
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
Checking configuration: [LDAP Repository]:
Host: LDAP_SERVER Port: 389 SSL: false
cannot connect to ldap server: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1 ]
FAILURE Host: LDAP_SERVER configuration is KO

Patch level detected:Univiewer Management Server 4.0.00
Product Version: Dollar.Universe 6

Description :LDAP authentication failed, UVMS is unable to connect to the LDAP server with the provided SecurityPrincipal user.
Environment:
OS: Windows Server 2008
OS Version: Windows / Linux
Cause:
Cause type:
Configuration
Root Cause: The configuration of the ldap.xml is wrong.
SecurityPrincipal should be a distinguished name (DN) and not an email adress.
Resolution:
Modify the ldap.xml, the securityPrincipal parameter must have a DN syntax like explained in the documentation.
You can check the syntax of the ldap.xml via the command unicheckldap, once it works, restart the UVMS server to take into account the modification.
TagValuesDescription
securityPrincipalAnonymous (by default)Service user account (in DN format) used by UVMS to search for users in the LDAP directory. This entry must have search rights on the directory subtree where users are located. Examples: 
uid=foo, o=myCompany 
CN=Eca,CN=Users,DC=automic,DC=com


Fix Status: No Fix

Additional Information:
Workaround :
N/A