LDAP Error Code 49
Symptoms
Users are unable to log in. The following error is encountered:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 701, v1db0]
Causes
There could be many reasons for this issue. Please check the error code (in the example above, it's 701) and match it with the description in the following table:
Error Code | Description |
|---|---|
525 | user not found |
52e | invalid credentials |
530 | not permitted to logon at this time |
531 | not permitted to logon at this workstation |
532 | password expired (remember to check the user set in osuser.xml also) |
533 | account disabled |
701 | account expired |
773 | user must reset password |
775 | user account locked |
In the example above, the error code is 701 (account expired).
Resolution
Since the issue is often originated from Active Directory, consult with the AD administrator for resolution.