[rt-users] Can't bind: LDAP_INVALID_CREDENTIALS 49
Ole Craig
ocraig at stillsecure.com
Mon Jun 5 23:55:10 EDT 2006
On Mon, 2006-06-05 at 19:17 -0700, Wade Naveja wrote:
> I've got loggin cranked up, and I'm seeing the following:
>
> [Tue Jun 6 01:51:01 2006] [critical]: RT::User::LookupExternalUserInfo
> Can't bind: LDAP_INVALID_CREDENTIALS 49
> (/usr/local/rt3/lib/RT/User_Local.pm:475)
>
Error 49 is the generic LDAP error returned when the account you're
using to bind (NOT the account you're trying to authenticate) has
invalid credentials, usually a bad or expired password but not always.
Active Directory returns a cryptic sub-error code:
http://forum.java.sun.com/thread.jspa?forumID=51&threadID=658510
... excerpt:
The AD-specific error code is the one after "data" and before "vece" or
"v893" in the actual error string returned to the binding process (if
you can get a look at that message):
* 525 - user not found
* 52e - invalid credentials
* 530 - not permitted to logon at this time
* 532 - password expired
* 533 - account disabled
* 701 - account expired
* 773 - user must reset password
Hope that's useful,
Ole
--
/Ole Craig
Security Engineer
303-381-3802 (main support hotline)
303-381-3824 (my direct line)
303-381-3801 (fax)
www.stillsecure.com
. . .
More information about the rt-users
mailing list