0

I am setting pwdLastSet = 0 for user in ADAM. So while bind operation, I am getting following Exception which is correct as I am resetting password of that user by setting pwdLastSet = 0

javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C090311, comment: AcceptSecurityContext error, data 20ee, vece

But after this when I tried to getResponseControl(), it is returning me NULL. What is the reason ? I am expecting that it should return PasswordExpirationControl.

Can anybody help out how to resolve this ?

BND
  • 51
  • 12
  • What query did you use? Is the user in the ADAM instance or in the AD Instance? Some more details are needed. – jwilleke Apr 05 '15 at 08:40
  • @jeemster : I set pwdLastSet = 0 using modifyAttributes() call of JNDI library. The user is in ADAM instance only. What more details do you need ? – BND Apr 06 '15 at 06:30
  • Is the PasswordExpirationControl defined int he rootDSE? – jwilleke Apr 06 '15 at 13:46
  • @jeemster: Nope. PasswordExpirationControl is not defined in the rootDSE. In absence of the same, what error should i get while bind operation ? – BND Apr 07 '15 at 06:13

1 Answers1

0

I would assume an error as you did receive.

javax.naming.AuthenticationException: [LDAP: error code 49 - 8009030C: LdapErr: DSID-0C090311, comment: AcceptSecurityContext error, data 20ee, vece

This message occurs only when one of the following scenarios is true:

  • The account password is expired.
  • The account is locked out.
  • The account password must be changed.

There was also a ADAM 1.1 with Service Pack 1 specific bug, but from what you have provided, I do not think it applies. -jim

jwilleke
  • 10,467
  • 1
  • 30
  • 51