I’ve running OpenFire 3.6.4, with configured and working AD LDAP connection. (on Windows Server 2003 R2)
Openfire running on
blaster:~# cat /etc/issue
Debian GNU/Linux 5.0 \n \l
blaster:~# uname -a
Linux blaster 2.6.26-1-686 #1 SMP Sat Jan 10 18:29:31 UTC 2009 i686 GNU/Linux
One my client was not able to login with spark, I’ve tryed to login with qip and have no success.
I’ve noticed that user have a fully cyrillic password, and after changing it to exclude cyrillic letter - user was able to login.
Debug log about this user contains:
2010.05.27 09:44:29 LdapManager: Trying to find a user’s DN based on their username. sAMAccountName: omarovam, Base DN: dc=“domain”,DC=“local”…
2010.05.27 09:44:29 LdapManager: Creating a DirContext in LdapManager.getContext()…
2010.05.27 09:44:29 LdapManager: Created hashtable with context values, attempting to create context…
2010.05.27 09:44:29 LdapManager: … context created successfully, returning.
2010.05.27 09:44:29 LdapManager: Starting LDAP search…
2010.05.27 09:44:29 LdapManager: … search finished
2010.05.27 09:44:29 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN=“FullUserName”,CN=“Users”…
2010.05.27 09:44:29 LdapManager: Created context values, attempting to create context…
2010.05.27 09:44:29 LdapManager: Caught a naming exception when creating InitialContext
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece^@]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3041)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2789)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2703)
at com.sun.jndi.ldap.LdapCtx.(LdapCtx.java:293)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:288)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.(InitialDirContext.java:82)
at org.jivesoftware.openfire.ldap.LdapManager.checkAuthentication(LdapManager.java :536)
at org.jivesoftware.openfire.ldap.LdapAuthProvider.authenticate(LdapAuthProvider.j ava:115)
at org.jivesoftware.openfire.auth.AuthFactory.authenticate(AuthFactory.java:158)
at org.jivesoftware.openfire.net.XMPPCallbackHandler.handle(XMPPCallbackHandler.ja va:87)
at org.jivesoftware.openfire.sasl.SaslServerPlainImpl.evaluateResponse(SaslServerP lainImpl.java:112)
at org.jivesoftware.openfire.net.SASLAuthentication.handle(SASLAuthentication.java :245)
at org.jivesoftware.openfire.net.StanzaHandler.process(StanzaHandler.java:161)
at org.jivesoftware.openfire.nio.ConnectionHandler.messageReceived(ConnectionHandl er.java:133)
at org.apache.mina.common.support.AbstractIoFilterChain$TailFilter.messageReceived (AbstractIoFilterChain.java:570)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.common.IoFilterAdapter.messageReceived(IoFilterAdapter.java:80)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.codec.support.SimpleProtocolDecoderOutput.flush(SimplePr otocolDecoderOutput.java:58)
at org.apache.mina.filter.codec.ProtocolCodecFilter.messageReceived(ProtocolCodecF ilter.java:185)
at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(Ab stractIoFilterChain.java:299)
at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilt erChain.java:53)
at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceive d(AbstractIoFilterChain.java:648)
at org.apache.mina.filter.executor.ExecutorFilter.processEvent(ExecutorFilter.java :239)
at org.apache.mina.filter.executor.ExecutorFilter$ProcessEventsRunnable.run(Execut orFilter.java:283)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java: 886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
at java.lang.Thread.run(Thread.java:619)
Java version:
blaster:~# java -version
java version “1.6.0_20”
Java™ SE Runtime Environment (build 1.6.0_20-b02)
Java HotSpot™ Server VM (build 16.3-b01, mixed mode)
Database located in mysql on same host.
blaster:~# mysql -V
mysql Ver 14.14 Distrib 5.1.37, for debian-linux-gnu (i486) using EditLine wrapper
If you need any additional info - feel free to ask.