Ldap error 32 with AD, everything seems to be ok.

  • Ldap error 32 with AD, everything seems to be ok.

    Hello everybody, I have been trying to fix this problem for hours now. I already read about this error in a couple of forums. But my settings seem to be right, so I don't know what I am missing!

    Well, I used to use ApacheDS (all the logic is working fine with ApacheDS), but I want to change to AD. So I created this AD structure:


    And I have created a manager user in the configuration with all the rights.

    Spring security configurations and values:

    <ldap-server id="ldapServer" url="^{ldap.server.url}"

    <bean id="TBindAuthenticator" class=" n.TBindAuthenticator">
    <constructor-arg ref="ldapServer" />
    <property name="bindDnPatterns">

    ldap.server.manager.dn=CN=Administrator,CN=Roles,CN=Configuration,CN={B74FC0BD-AFE5-410C-B342-56E712FAC060}

    So, here is where it is failing:

    DirContext ctx = null;
    try {
    ctx = getContextSource().getContext(fullDn.toString(), password);

    Attributes attrs = ctx.getAttributes(userDn, getUserAttributes());

    When I get the Context (getContextSource().getContext(fullDn.toString(), password)), I need to authenticate against the AD. If the credentials are fine, then I am authenticated; otherwise, this throws an exception (LDAP: error code 49). So, I am authenticating against the AD and I believe all the connection is working fine.

    But, when I enter the correct credentials, then I want to get the attributes. So, I am specifying the userdn (uid=juan.seon,ou=people,o=domain1), not the full DN. (I heard in the forum that this could be the problem; if I use the FullDN then I should get ldap error:32, but this is not the case.)

    I am very confused about this. I think it could be something related to the configurations in AD (I am new to AD). Configurations about the users? Or the adminUser perhaps? Any idea?

    Thanks in advance.

  • #2
    a new admin user under the partition "dc=mycompany,dc=com". But this was not the problem. The problem was that each user needs to have the "READERS" role. So in the role "READERS" I added the user to the member attribute, and this was the solution. Not sure if this is the best solution, and I am not sure I fully understand why.

    Does anybody know the answer?
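
    Added example (not part of the thread and not Spring Security code): one way to tell a wrong DN apart from an entry the freshly bound user is not allowed to read, by repeating the failing attribute read under the manager identity. It assumes the directory reports error 32 for an entry the bound user may not read, which is consistent with the fix in #2; `Ldap32Triage`, `EntryReader` and `Verdict` are hypothetical names, and the readers in `main` are constructed stand-ins for bound contexts.

```java
import javax.naming.NameNotFoundException;
import javax.naming.NamingException;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttributes;

public class Ldap32Triage {
    /** Stands in for ctx.getAttributes(dn) on a DirContext bound as one identity. */
    interface EntryReader {
        Attributes read(String dn) throws NamingException;
    }

    enum Verdict { READABLE, HIDDEN_FROM_USER, NO_SUCH_ENTRY }

    /** Reads the same DN as the user and, on error 32, again as the manager. */
    static Verdict triage(String dn, EntryReader asUser, EntryReader asManager)
            throws NamingException {
        try {
            asUser.read(dn);
            return Verdict.READABLE;
        } catch (NameNotFoundException hiddenOrMissing) { // JNDI's mapping of error 32
            try {
                asManager.read(dn);
                return Verdict.HIDDEN_FROM_USER; // entry exists; fix the user's read access
            } catch (NameNotFoundException missing) {
                return Verdict.NO_SUCH_ENTRY;    // DN or base is wrong; fix the DN pattern
            }
        }
    }

    public static void main(String[] args) throws NamingException {
        // Constructed stand-ins for two bound contexts; against a real server each
        // reader would be dn -> ctx.getAttributes(dn).
        String dn = "uid=juan.seon,ou=people,o=domain1";
        EntryReader manager = d -> {
            if (!d.equals(dn)) throw new NameNotFoundException("[LDAP: error code 32]");
            return new BasicAttributes("uid", "juan.seon");
        };
        EntryReader userNotInReaders = d -> {
            throw new NameNotFoundException("[LDAP: error code 32]");
        };
        EntryReader userInReaders = manager; // same view once read access is granted

        System.out.println(triage(dn, userNotInReaders, manager));
        System.out.println(triage(dn, userInReaders, manager));
        System.out.println(triage("uid=typo,ou=people,o=domain1", userNotInReaders, manager));
    }
}
```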