LDAP: Active Directory errors
I was helping someone debug logging into Active Directory with LDAP. I had performed a network trace and the reply to the BIND request stated:
resultCode: invalidCredentials (49)
errorMessage: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece.
A little Google search turned up the following:
Here is a list of Active Directory errors:
525 - user not found
52e - invalid credentials
530 - not permitted to logon at this time
532 - password expired
533 - account disabled
701 - account expired
773 - user must reset password
Hmm, looking at the LDAP bindRequest, which was a simple bind, found that the user had passed domain/userid for the login account. I hadn’t noticed before, that he had used a forward slash (/) instead of a back slash (\). I had him retry and sure enough all was well.