Re: Unable to bind with new ADAM accounts
From: Everest25 (Everest25_at_discussions.microsoft.com)
Date: 11/24/04
- Next message: Dave Slinn: "Re: Determining how and why an object was updated."
- Previous message: Thorsten Schmitt: "Re: DS Get in Windows 2003 Domain"
- In reply to: Lee Flight: "Re: Unable to bind with new ADAM accounts"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Unable to bind with new ADAM accounts"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Unable to bind with new ADAM accounts"
- Reply: Lee Flight: "Re: Unable to bind with new ADAM accounts"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 24 Nov 2004 07:39:03 -0800
We've checked the msDS-UserAccount Disabled attribute and it is FALSE.
These machines are not in a domain so they are using the local password
policy, which we've checked and they are good. We've been using command line
utility ldapsearch.exe to check authentication, which we get the error
invalid credentials.
Everest25
"Lee Flight" wrote:
> If the account is a native ADAM user then a likely cause is that the
> msDS-UserAccountDisabled attribute on the user is set to TRUE, it needs
> to be set to FALSE for the account to be able to authenticate. If you are
> running under W2K3, you will need to make sure that any passwords you
> set satisfy the local machine or domain password complexity for the W2K3
> server for the account to be created as enabled.
>
> You do not say how you are attempting to bind, recall that for the simple
> bind of a native ADAM user the username must be the distinguishedName
> of the user object (or the UPN if you have set one). You can check binding
> with ldp.exe:
>
> Connection menu -> Connect (specify your ADAM server and port)
> Connection menu -> Bind (user: <distinguishedName of user>,Password (as
> set), clear the Domain check box)
>
> Hope this helps
> Lee Flight
>
> "Everest25" <Everest25@discussions.microsoft.com> wrote in message
> news:7E55DB2A-6C0B-4D5B-BE0E-2C5F0DB06C25@microsoft.com...
> > Recently we've noticed that whenever we create a new ADAM account and then
> > try to bind to a ADAM instance that we get an error saying invalid
> > credentials. We've checked all of the normal things (password,
> > groups...etc.). Does anyone have any ideas what could be causing this?
>
>
>
- Next message: Dave Slinn: "Re: Determining how and why an object was updated."
- Previous message: Thorsten Schmitt: "Re: DS Get in Windows 2003 Domain"
- In reply to: Lee Flight: "Re: Unable to bind with new ADAM accounts"
- Next in thread: Joe Kaplan \(MVP - ADSI\): "Re: Unable to bind with new ADAM accounts"
- Reply: Joe Kaplan \(MVP - ADSI\): "Re: Unable to bind with new ADAM accounts"
- Reply: Lee Flight: "Re: Unable to bind with new ADAM accounts"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
