We made a new enhancement to the client around LDAP, to enable login using userPrincipalName. He was earlier using sAMAccountName for login. When the user tried to test the application in his test environment, he got the following error for userPrincipalName:
netscape.ldap.LDAPException: error result (49); 80090308: LdapErr: DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0 |#]
Which I know is because of invalid LDAP credentials. But when he logs in using sAMAccountName, he is able to log in.
My web application logs show that when he logs in with userPrincipalName, it is found in the LDAP, but when it tries to connect to LDAP with the username and password, the above exception is thrown.
Whereas he is able to successfully log in using sAMAccountName.
The DNs used are something like the below:
OU=IS (Technical Staff),OU=PXXX,DC=pxxx,DC=local, and
OU=Users,OU=PXXX,DC=pxxx,DC=local
Any help to further debug the issue would be highly appreciated.
Please let me know in case you need further details.
- domain is like pxxx.local
- userPrincipalName is like [email protected].
Do I need to make any changes for it to work?
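
For triaging the bind failure quoted in the post, here is an added example (not part of the original post) that parses an Active Directory LDAP bind error line and decodes its "data" sub-code. The function and field names are assumptions of this example, and the table lists the commonly documented Win32 logon errors that AD reports in that field.

```python
import re

# Win32 logon error codes (hex) that Active Directory places in the "data"
# field of an LDAP result 49 (invalidCredentials) bind failure.
AD_BIND_SUBCODES = {
    "525": "user not found",
    "52e": "logon failure: user name or password is incorrect",
    "530": "not permitted to log on at this time",
    "531": "not permitted to log on from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must change password before logging on",
    "775": "account locked out",
}

# Matches the server message format seen in the post's exception text.
BIND_ERROR_RE = re.compile(
    r"error result \((?P<ldap_rc>\d+)\);\s*"
    r"(?P<win_err>[0-9A-Fa-f]{8}): LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), "
    r"comment: (?P<comment>[^,]+), data (?P<data>[0-9A-Fa-f]+), v[0-9A-Fa-f]+"
)

def parse_ad_bind_error(line):
    """Return the decoded fields of an AD bind error line, or None if absent."""
    m = BIND_ERROR_RE.search(line)
    if m is None:
        return None
    data = m.group("data").lower()
    return {
        "ldap_result": int(m.group("ldap_rc")),  # 49 = invalidCredentials
        "dsid": m.group("dsid"),
        "comment": m.group("comment").strip(),
        "data": data,
        "win32_error": int(data, 16),            # same code in decimal
        "meaning": AD_BIND_SUBCODES.get(data, "unknown sub-code"),
    }

# The error line from the post, followed by a constructed line for contrast.
POST_LINE = ("netscape.ldap.LDAPException: error result (49); 80090308: LdapErr: "
             "DSID-0C0903C5, comment: AcceptSecurityContext error, data 52e, v23f0 |#]")
CONSTRUCTED_LINE = ("error result (49); 80090308: LdapErr: DSID-0C0903C5, "
                    "comment: AcceptSecurityContext error, data 775, v23f0")

if __name__ == "__main__":
    for line in (POST_LINE, CONSTRUCTED_LINE, "no bind error here"):
        print(parse_ad_bind_error(line))
```

Logging the bind name the application actually sent alongside the decoded sub-code shows whether the server rejected the DN, the UPN or the password.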