I was troubleshooting a user who could not log in and didn’t appear in the ‘Users’ list. When I enabled the debug log I saw this:
2009.09.07 14:47:29 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: “CN=“Leanne Caines”,OU=“Affiliate/Corporate”,OU=“Users”,OU=“Affiliate Network”,OU=“Business Departments””…
2009.09.07 14:47:29 LdapManager: Created context values, attempting to create context…
2009.09.07 14:47:29 LdapManager: Caught a naming exception when creating InitialContext
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
She was the only person in that OU, and it’s the only OU which contains a forward slash… so on a hunch that this was a parsing bug, I renamed “Affiliate/Corporate” to “Affiliate and Corporate” (I didn’t dare try an ampersand…) using Windows ADUC and the user could immediately log in.
We’re running Openfire 3.6.4 on Windows.
Cheers,
Gavin.
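
The `data 525` field in the trace above is Active Directory's sub-code for LDAP error 49, and 525 means the user was not found. The following triage script is an added example, not part of the original post or of Openfire. The sample log lines and the names `triage` and `risky_rdns` are constructed for illustration. It flags a 525 bind failure against a DN whose values contain characters such as `/`, which JNDI treats as a composite-name separator.

```python
import re
# Active Directory sub-codes carried in the "data NNN" field of LDAP error 49.
AD_BIND_SUBCODES = {
    "525": "user not found", "52e": "invalid credentials",
    "530": "logon not permitted at this time", "531": "logon not permitted at this workstation",
    "532": "password expired", "533": "account disabled", "701": "account expired",
    "773": "user must reset password", "775": "account locked out",
}
DN_RE = re.compile(r"userDN is: (?P<dn>.*?)(?:\.{3}|…)?$")
ERR_RE = re.compile(r"LDAP: error code 49\b.*?\bdata (?P<code>[0-9a-f]+)", re.I)
RDN_RE = re.compile(r'(\w+)=(?:"([^"]*)"|([^,]*))')
# RFC 4514 special characters plus "/", the JNDI composite-name separator.
RISKY = set('/,+<>;#\\="')

def risky_rdns(dn):
    """Return (attribute, value, characters) for RDN values that need escaping."""
    found = []
    for attr, quoted, bare in RDN_RE.findall(dn):
        hits = sorted(set(quoted or bare) & RISKY)
        if hits:
            found.append((attr, quoted or bare, hits))
    return found

def triage(lines):
    """Pair each logged userDN with the error 49 that follows it."""
    findings, last_dn = [], None
    for line in lines:
        m = DN_RE.search(line.rstrip())
        if m:
            last_dn = m.group("dn")
        elif last_dn and (m := ERR_RE.search(line)):
            code, risky = m.group("code").lower(), risky_rdns(last_dn)
            findings.append({
                "dn": last_dn, "subcode": code, "meaning": AD_BIND_SUBCODES.get(code, "unknown"),
                "risky_rdns": risky,
                # 525: the directory never matched the DN, so check DN handling before the password.
                "suspect_dn_handling": code == "525" and bool(risky),
            })
            last_dn = None
    return findings

# Constructed sample lines modelled on the trace above (user names are placeholders).
SAMPLE = [
    '2009.09.07 14:47:29 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN="Example User",OU="Affiliate/Corporate",OU="Users"...',
    'javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece]',
    '2009.09.07 14:48:02 LdapManager: In LdapManager.checkAuthentication(userDN, password), userDN is: CN="Other User",OU="Users"...',
    'javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece]',
]
```

Calling `triage(SAMPLE)` returns one finding per failed bind; only the first, with the slash in its OU value and sub-code 525, has `suspect_dn_handling` set.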