This article is a mirror article of machine translation, please click here to jump to the original article.

Architect_Programmer_Code Agriculture Network»Architect Programming Technical chat LdapErr: DSID-0C09042A, comment: AcceptSecurityConte ...
View: 7745|Reply: 1

LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839

[Copy link]
Posted on 11/26/2021 2:01:55 PM | | | |
When logging in with an integrated AD domain, when invoked through program code or through curl command, the following errors may be reported:

[LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839

* LDAP remote: bind failed Success 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839
* Closing connection 0
curl: (67) LDAP remote: bind failed Success 80090308: LdapErr: DSID-0C09042A, comment: AcceptSecurityContext error, data 52e, v3839



A command error code is a character after "data" and before a text like "vece" or "v893". In fact, these error codes are returned with the binding process.

525The user does not exist
52eInvalid passwords or credentials
530Logins are not allowed at this time
531Logins are not allowed on this workstation
532Password expired
533Account disabled
701Account expiration
773The user must reset the password
775User account lockout


General Active Directory LDAP binding errors:

80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data  525 , v893
HEX: 0x525 - The user does not exist
Decimal: 1317 - ERROR_NO_SUCH_USER (Specified account does not exist.)
Note: Returns when the username is invalid

80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 52e, v893
HEX: 0x52e - Invalid credentials
Decimal: 1326 - ERROR_LOGON_FAILURE (Login failed, unknown username or password error.)
Note: Returns when the username is valid but the password or credential is invalid.


80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 530, v893
HEX: 0x530 - Login is prohibited at this point
Decimal: 1328 - ERROR_INVALID_LOGON_HOURS (Login failed, login time violation.)
Note: This value is returned only if the correct username and password or credentials are entered. Indicates that the user has been banned from logging in

80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 531, v893
HEX: 0x531 - This user is prohibited from logging in at the current workstation
Decimal: 1329 - ERROR_INVALID_WORKSTATION (Login failed, the user was not allowed to log in on this computer.)
LDAP[userWorkstations: <multivalued list of workstation names>]
Note: This value is returned only when the correct username and password or credentials are entered.

80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 532, v893
HEX: 0x532 - Password expired
Decimal: 1330 - ERROR_PASSWORD_EXPIRED (Login failed, specified account password expired.)
LDAP[userAccountControl: <bitmask=0x00800000>] - PASSWORDEXPIRED
Note: This value is returned when the correct username and password or credentials are entered.

80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 533, v893
HEX: 0x533 - The account is disabled
Decimal: 1331 - ERROR_ACCOUNT_DISABLED (Login failed, account is currently disabled.)
LDAP[userAccountControl: <bitmask=0x00000002>] - ACCOUNTDISABLE
Note: This value is returned when the correct username and password or credentials are entered.


80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 701, v893
HEX: 0x701 - The account has expired
Decimal: 1793 - ERROR_ACCOUNT_EXPIRED (User account expired.)
LDAP[accountExpires: <value of -1, 0, or extemely large value indicates account will not expire>] - ACCOUNTEXPIRED
Note: This value is returned when the correct username and password or credentials are entered.


80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 773, v893
HEX: 0x773 - Account password must be reset
Decimal: 1907 – ERROR_PASSWORD_MUST_CHANGE (User password must be changed before the first login.)
LDAP[pwdLastSet: <value of 0 indicates admin-required password change>] - MUST_CHANGE_PASSWD
Note: This value is returned when the correct username and password or credentials are entered.


80090308: LdapErr: DSID-0C09030B, comment: AcceptSecurityContext error, data 775, v893
HEX: 0x775 - The account is locked
Decimal: 1909 - ERROR_ACCOUNT_LOCKED_OUT (The account is currently locked and may not be logged on to.)
LDAP[userAccountControl: <bitmask=0x00000010>] - LOCKOUT
Note: This value may be returned even if the wrong password is entered




Previous:Comparison of the testing tools LoadRunner and Jmeter
Next:The difference between Docker's save and export commands

Related Posts
 Landlord| Posted on 11/26/2021 2:03:39 PM |
OpenLDAP custom objectclass and properties
https://www.itsvse.com/thread-9279-1-1.html

OpenLDAP Series (3) OpenLDAP commands are explained in detail
https://www.itsvse.com/thread-9276-1-1.html

OpenLDAP:Failed to start OpenLDAP Server Daemon.
https://www.itsvse.com/thread-9275-1-1.html

OpenLDAP Series (2) Centos 7 Installation OpenLDAP Tutorial
https://www.itsvse.com/thread-9274-1-1.html

OpenLDAP Series (1) Introduction to LDAP
https://www.itsvse.com/thread-9273-1-1.html
Disclaimer:
All software, programming materials or articles published by Code Farmer Network are only for learning and research purposes; The above content shall not be used for commercial or illegal purposes, otherwise, users shall bear all consequences. The information on this site comes from the Internet, and copyright disputes have nothing to do with this site. You must completely delete the above content from your computer within 24 hours of downloading. If you like the program, please support genuine software, purchase registration, and get better genuine services. If there is any infringement, please contact us by email.
Mail To:help@itsvse.com