The exception is org.springframework.security.AuthenticationServiceException: [LDAP: error code 49 – 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

//*********
jcifs.smb.SmbException: Connection timeoutjcifs.util.transport.TransportException: Connection timeout
at jcifs.util.transport.Transport.connect(Transport.java:178)
at jcifs.smb.SmbTransport.connect(SmbTransport.java:293)
at jcifs.smb.SmbSession.getChallenge(SmbSession.java:146)
at jcifs.smb.SmbSession.getChallenge(SmbSession.java:140)

//**********

Any ideas what is occuring?

Any advice on how to do that would be appreciated.

Thanks!

I tried the NTLM authentication and it works well, but only for the first user.
If another user try to connect, he can’t and the logger says “Credentials xxx were not accepted by the domain controller” (Credentials provided are good, no doubt on this).

Did anyone managed to authenticate multiple users?

Rgs

The problem with service account is that we need to configure users with service account (account to company policy) and when I am doing this way authencation is failing .

Can you help me to provide some good links of ldap documents either by acegi or spring ldap security plugin.

Thanks

The easiest solution to your problem would be to have your Active Directory admins create a service account for you. The account could be configured to never have it’s password expire.

If that is not an option, you may be able to get away with using Spring Security LDAP with the “BindAuthenticator” option. This effectively tries to login as the user who’s details have been entered.

I am using acegi plugin in my project . but the problem with acegi plugin is we are using active direcoty so the account password is expiring after some time. So we are looking for approach in which password does not expire or dont need to use mngr and password .

I want to know is this poosible use acegi plugin without using mngr and password.

I am also trying to use spring ldap security plugin but facing some configuration issues in that also.

Please help me to resolve this issue.

Thanks

Thanks for your help
indeed ldapSearchSubtree = true, this is what I wanted.

Thanks a ton.

Have some questions coming up for you in the pipeline.

I’m afraid I don’t have any experience with the SSL scenario you’ve described, so I’m not going to be of much assistance there.

As for the issue of the two sets of users. You should be able to set your ldapSearchBase to ‘dc=global, dc=myCompany, dc=com, ou=EMEA, ou=London’ and set the ldapSearchSubtree to true, and it will find any users at that branch of the LDAP hierarchy, or below. You can go up as high in the tree as you like also, like up to ‘dc=global,dc=myCompany,dc=com’. Then any LDAP record with an attribute that matches the LDAP query you have in ldapSearchFilter will be found and treated as a user.