Problem:
An error, like the following, occurs while configuring LDAP authentication for iDashboards:
Issue:
There are many error codes that can be thrown by an LDAP directory. Each error code has a 'AcceptSecurityContext error,data' section followed by an alphanumeric code. This code will let the administrator configuring LDAP authentication know what they are configuring incorrectly. An error code will not display with correct configuration.
Resolution:
There is a chart provided for this type of error that describes the codes after 'AcceptSecurityContext error, data':
|
Error Code |
Description |
|
775 |
user account locked |
|
773 |
user must reset password |
|
701 |
account expired |
|
533 |
account disabled |
|
532 |
password expired (remember to check the user set in osuser.xml also) |
|
531 |
not permitted to logon at this workstation |
|
530 |
not permitted to logon at this time |
|
525 |
user not found |
|
52e |
invalid credentials |
In the example above, 52e means that the credentials are invalid. This most likely means that the Bind pattern is incorrectly formatted.
Since these issues are often originated from Active Directory, consult with the AD administrator on-site for resolution.
In the case of receiving error code 531, it is most likely related to the configuration of the user account in AD. In some cases a user is restricted to login from only one workstation. This is configured in the userWorkstations field of the user. The AD admin needs to check the user account for this field to verify that the proper system name is included in the userWorkstations field or that the field is removed completely.
Applies to:
- Enterprise
- X Platform
- Enterprise Suite
Comments
0 comments
Article is closed for comments.