Hello
openfire_4_6_7 - installation on windows server in 2012,
Error when connecting to Active Directory server:
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090252, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]
Base DN dc=activedirectory, dc=jivesoftware, dc=com
Administrator DN user
are you trying to connect using ldap or ldap(s)? domain controllers dont support ldaps out of the box, but thats what openfire defaults do, so youāll want to change that
If ldaps:
Error connecting to LDAP server. Make sure the server directory works with the specified host name and port, and that the firewall is not blocking access to the server.
If ldap:
Authentication failed with LDAP server. Check the provided credentials.
Login and password are correct
Only on one user (Administrator DN) gives an error
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090252, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]
also, the account does not need to be a privileged level account despite the term āadministratorā being used. a non-privileged account should be used, as this account is only used for connecting and reading ldap.
ldap
If I use user@domain then the error is:
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090252, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]
introduced different users
Now same error
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090252, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]
Currently, when using administrator user:
Authentication failed with LDAP server. Check the provided credentials.
If a regular user:
[LDAP: error code 8 - 00002028: LdapErr: DSID-0C090252, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db1]
uncheck startls - you can only use this if you have a certificate on your domain controller and are setup for that. most are not setup for this out of the box.