我想爲我的應用程序中使用配置Active Directory(AD LDS)。我在Weblogic應用服務器中使用ForeignJNDIProvider來配置AD的設置。從我的基於Java的應用程序,我做的InitialContext查找如下圖所示:錯誤533在Active Directory LDAP
InitialContext iCtx = new InitialContext();
DirContext dir = (DirContext) iCtx.lookup(<JNDI name>);
上面的第二個代碼行失敗,出現以下錯誤:
javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 533, v1db1 ]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3067)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2815)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2729)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:296)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at weblogic.jndi.internal.ForeignOpaqueReference.getReferent(ForeignOpaqueReference.java:70)
at weblogic.jndi.internal.WLNamingManager.getObjectInstance(WLNamingManager.java:96)
at weblogic.jndi.internal.ServerNamingNode.resolveObject(ServerNamingNode.java:377)
at weblogic.jndi.internal.BasicNamingNode.resolveObject(BasicNamingNode.java:856)
at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:209)
at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:254)
at weblogic.jndi.internal.WLContextImpl.lookup(WLContextImpl.java:411)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
我試圖尋找了什麼樣的錯誤533 AD意思。我得到的唯一答案是,它意味着「帳戶禁用」。我不確定情況如何。我怎樣才能解決這個問題?
我剛剛查找了錯誤代碼49(來自堆棧跟蹤)並在此處找到鏈接:http://forums.devshed.com/ldap-programming-76/javax-naming-authenticationexception-ldap-錯誤碼49-80090308 - ldaperr-DSID - 121363.html。 我建議測試LDAP相關的查詢,連接等在Apache的目錄工作室(我用它積極地):http://directory.apache.org/studio/ – Blaskovicz
嗨,Apache的目錄工作室看起來真的很酷,但它並不顯示我的DN下爲AD LDS(我可以看到使用ADSI編輯)的目錄條目。任何想法? –