Active Directory and Log On To


I’m having a problem when a user account is restricted to some computers in Active Directory (Using the “Log On To” option).

This is the debug.log:

2008.07.14 08:13:16 LdapManager: Created context values, attempting to create context…

2008.07.14 08:13:16 LdapManager: Caught a naming exception when creating InitialContext

javax.naming.AuthenticationException: LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 531, vece

Any idea to unblock this users?

Have you tried adding your chat server to the approved list. technically they are logging on to that server. It is asking AD for authentication credentials.

Yes, I have tried add jabber server to active directory and to users log on to list.

I tested with Windows and GNU/Linux server.

I’m seeing for LDAP protocol used by Openfire with Wireshark and it don’t refer computers in the connection request.

I think that is a problem, when the user is resctricted to some computers.

Anyone knows a solution?

It should not refer to a computer during authentication. You are authenticating via LDAP, not via domain or windows credentials. XMPP has no way of knowing what computer you are authenticating from. That is a windows protocol.