Mitch_Denis_38

Troubleshooting problems with LDAP

Discussion created by Mitch_Denis_38 on Feb 8, 2013
This information can also be found on our KBE site (KB0011559) at: Detailed Description and Symptoms Using LDAP for a USER object and logging into the UC4 GUI may throw an error back. Below are some examples of these errors: LDAP message 'U0051002 LDAP message 'BindResponse' with result code 'invalidCredentials', message: &03 U0004515 Access violation: User: 'E11384/ADPRODDPROD' Host: 'DCHI040735' Reason: Incorrect logon. U0051002 LDAP message 'SearchResultDone' with result code 'referral', message: 0000202B: RefErr: DSID-0310063C, data 0, 1 access points U0051002 LDAP message 'BindResponse' with result code 'invalidCredentials', message: 8009030C: LdapErr: DSID-0C09043E, comment: AcceptSecurityContext error, data 0, vece When contacting UC4, the first recommendation will be to use a TestLDAP tool that is basically the Microsoft API tool that UC4 uses to authenticate against LDAP. Information on this tool is below. Investigation Attached is a .zip file called TestLDAP.zip.  Instructions on how to use this are below: 1) copy the .zip file to the local disk (e.g. C:\temp) and extract the entire .zip archive Your directory structure should now look like:   C:\Temp\Testldap\bin C:\Temp\Testldap\temp\ldap 2) start a command prompt in the ..\Testldap\bin directory or navigate to the ..\Testldap\bin directory. There are two files: testldap.exe, zu00132.dll   3) Run the test as follows: C:\Temp\Testldap\bin\testldap -s -u -p Use the user that the authentication failed on previously with the error.    A trace will be created: C:\Temp\Testldap\temp\ldap\ldap_trc00.txt Solution If there is an error, this will be output both in the command window and in the ldap trace file (\temp\ldap\ldap_trc00.txt).  This shows that there is something wrong with the connection somewhere.  An LDAP admin should be able to view the command line output and see what the problem is. If help is needed in finding the error message, please send the command line output and the trace file to UC4 Support who will attempt to help. Below is an example of the command line output if the authentication is successful: authentication successful MAIL = something@something.m cn = username distinguishedName = CN=username,OU=ServiceAccounts,OU=Users,OU=WA,OU=US,OU=A DM,DC=domain,DC=domain,DC=domain authentication successful MAIL = something@something.m cn = username distinguishedName = CN=username,OU=ServiceAccounts,OU=Users,OU=WA,OU=US,OU=A DM,DC=domain,DC=domain,DC=domain LDAP test returns: 51002 retText = BindResponse|invalidCredentials|80090308: LdapErr: DSID-0C0904DC, comm ent: AcceptSecurityContext error, data 57, v1db1|

Attachments

Outcomes