Hi everyone,
I have an AD and an AD/Hybrid user source set up. I am able to verify both user sources, and when verifying the AD one I get my account’s role information returned. When I click “manage users” on the hybrid source, I get all the users after a few seconds. However, whenever I click “manage users” on the AD source, no users or roles are returned. In the logs, I repeatedly get an error fetching the roles and users for the AD profile. The account used for LDAP gateway authentication’s username is “Srvc_IgnitionHUN”. According to this thread, a period in the username was affecting the login. Could the underscore be causing the issue?
Below is the error from the logs:
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563]
at java.naming/com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtx.(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxFromUrl(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at java.naming/com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at java.naming/javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at java.naming/javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at java.naming/javax.naming.InitialContext.init(Unknown Source)
at java.naming/javax.naming.ldap.InitialLdapContext.(Unknown Source)
at com.inductiveautomation.ignition.gateway.authentication.impl.LDAPHelper.openContext(LDAPHelper.java:276)
at com.inductiveautomation.ignition.gateway.authentication.impl.LDAPHelper.search(LDAPHelper.java:339)
at com.inductiveautomation.ignition.gateway.authentication.impl.ActiveDirectoryUserSource.getRoles(ActiveDirectoryUserSource.java:276)
at com.inductiveautomation.ignition.gateway.authentication.UserSourceWrapper.doGetRoles(UserSourceWrapper.java:424)
at com.inductiveautomation.ignition.gateway.authentication.UserSourceWrapper$RoleCacheImpl.doUpdate(UserSourceWrapper.java:305)
at com.inductiveautomation.ignition.gateway.authentication.UserSourceWrapper$RoleCacheImpl.doUpdate(UserSourceWrapper.java:300)
at com.inductiveautomation.ignition.gateway.authentication.AbstractCache$UpdateTask.run(AbstractCache.java:118)
at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.base/java.util.concurrent.FutureTask.run(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
Any help would be appreciated. Thanks.