LDAP Error Code and workaround

Source: Internet
Author: User
Tags: cas, error code, ldap, tomcat

1. Error code 53

===========================================================================

Issue: A data backend exception occurred while creating a new user

In WebSphere Portal Express, you can set the minimum and maximum length of a password. If you set a password length that is not the same as the LDAP server policy, you may see the following exception when you create the user:

EJPSG0015E: Data Backend Problem com.ibm.websphere.wmm.exception.WMMSystemException:

The following Naming Exception occurred during processing:

"javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D:

SvcErr: DSID-031A0FBC, problem 5003 (WILL_NOT_PERFORM), data 0

]; remaining name 'cn=see1anna,cn=users,dc=wps510,dc=rtp,dc=raleigh,dc=ibm,dc=com';

resolved object com.sun.jndi.ldap.LdapCtx@7075b1b4".

Cause: The password does not meet the password policy requirements.

Solution:

1. Open Domain Security Policy > Security Settings > Account Policies > Password Policy. Set "Password must meet complexity requirements" to Disabled and "Minimum password length" to 0.

2. Open Domain Controller Security Policy > Security Settings > Account Policies > Password Policy. Set "Password must meet complexity requirements" to Disabled and "Minimum password length" to 0.

3. Finally, refresh Group Policy by running: gpupdate /force

===========================================================================

2. Need to specify class name

===========================================================================

javax.naming.NoInitialContextException: Need to specify class name in environment or system property, or as an applet parameter, or in an application resource file: java.naming.factory.initial

Cause: close() was called on the LdapContext in the previous session, leaving LdapContext = null.

Solution: Do not close it.

3. Error code 50

===========================================================================

javax.naming.NoPermissionException: [LDAP: error code 50 - 00002098: SecErr: DSID-03150A45, problem 4003 (INSUFF_ACCESS_RIGHTS), data 0

4. Error code 68

===========================================================================

javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - 00000524: UpdErr: DSID-031A0F4F, problem 6005 (ENTRY_EXISTS), data 0

Cause: The user being created already exists.

7. No Trusted Certificate

===========================================================================

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

1. CAS runs on machine A; services a, b and c on A work well.

2. The website is located on machine B. CAS can intercept its requests, but the redirect fails with javax.net.ssl.SSLHandshakeException.

Import the client-side key generated on A into B.

On A, run:

$ sudo keytool -genkey -alias tomcat -keyalg RSA -keypass changeit -storepass changeit -keystore server.keystore -validity 3600

$ keytool -export -trustcacerts -alias tomcat -file server.cer -keystore server.keystore -storepass changeit

$ sudo keytool -import -trustcacerts -alias tomcat -file server.cer -keystore $JAVA_HOME/jre/lib/security/cacerts -storepass changeit

On B, run the last command.

This establishes the trust relationship between the service key and the client keys; clients can be in multiple places.

8. Error code 1

===========================================================================

javax.naming.NamingException: [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090AE2, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece

Cause: When adding a domain user, ctx was not bound as the admin user.

Workaround:

ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, adminUser + "@" + ldapProperty.getDomain());

ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, adminPwd);

9. Error code 50

==========================================================================

javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-03151E04, problem 4003 (INSUFF_ACCESS_RIGHTS)

Cause: When creating a new domain user, ctx is bound as a normal user (the user does not have permission to create a new user).

Workaround: Use an administrator user to bind:

ctx.addToEnvironment(Context.SECURITY_PRINCIPAL, adminUser + "@" + ldapProperty.getDomain());

ctx.addToEnvironment(Context.SECURITY_CREDENTIALS, adminPwd);

10. Error code 19

==========================================================================

javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - 0000052D: AtrErr: DSID-03190F00, #1:

0: 0000052D: DSID-03190F00, problem 1005 (CONSTRAINT_ATT_TYPE)

Cause: Most likely the domain security policy is not satisfied: password complexity, minimum password age, and enforced password history. That is, the length, the characters contained, how soon the password can be changed, whether a previous password can be reused, etc.

11. Error code 50

==========================================================================

javax.naming.NoPermissionException: [LDAP: error code 50 - 00000005: SecErr: DSID-031A0F44, problem 4003 (INSUFF_ACCESS_RIGHTS)

Cause: The original code used the replace operation, which in AD corresponds to a password reset (a normal user does not have this permission; an administrator can perform it). A wrong old password supplied to the remove operation may also raise this exception.
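The difference between the two operations described above, as an added example (not code from the original page): a reset is a single REPLACE of unicodePwd, while a change is a REMOVE of the old value plus an ADD of the new one in the same request. The class name, method names and sample passwords are assumptions made for illustration; the quoted UTF-16LE encoding is the format Active Directory expects for unicodePwd.

```java
import java.nio.charset.StandardCharsets;
import javax.naming.directory.BasicAttribute;
import javax.naming.directory.DirContext;
import javax.naming.directory.ModificationItem;

public class AdPasswordOps {
    // unicodePwd must be the password wrapped in double quotes, encoded as UTF-16LE.
    static byte[] encode(String password) {
        return ("\"" + password + "\"").getBytes(StandardCharsets.UTF_16LE);
    }

    // Password RESET: one REPLACE. Requires reset rights on the target account,
    // so a context bound as a normal user fails with error code 50.
    static ModificationItem[] reset(String newPw) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.REPLACE_ATTRIBUTE,
                new BasicAttribute("unicodePwd", encode(newPw)))
        };
    }

    // Password CHANGE: REMOVE the old value and ADD the new one in a single
    // modify request. A normal user can do this for their own account, but the
    // old password supplied in the REMOVE must be correct.
    static ModificationItem[] change(String oldPw, String newPw) {
        return new ModificationItem[] {
            new ModificationItem(DirContext.REMOVE_ATTRIBUTE,
                new BasicAttribute("unicodePwd", encode(oldPw))),
            new ModificationItem(DirContext.ADD_ATTRIBUTE,
                new BasicAttribute("unicodePwd", encode(newPw)))
        };
    }

    static void describe(String label, ModificationItem[] mods) {
        for (ModificationItem m : mods) {
            String op = m.getModificationOp() == DirContext.REPLACE_ATTRIBUTE ? "REPLACE"
                      : m.getModificationOp() == DirContext.REMOVE_ATTRIBUTE ? "REMOVE" : "ADD";
            System.out.println(label + ": " + op + " " + m.getAttribute().getID());
        }
    }

    public static void main(String[] args) {
        // Constructed sample passwords, for illustration only.
        describe("reset ", reset("New-Passw0rd!"));
        describe("change", change("Old-Passw0rd!", "New-Passw0rd!"));
        // Against a live directory, over an LDAPS (port 636) context:
        //   ctx.modifyAttributes(userDn, change(oldPw, newPw));
    }
}
```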

12. RSA premaster secret error

==========================================================================

javax.naming.CommunicationException: simple bind failed: 172.18.20.4:636 [Root exception is javax.net.ssl.SSLKeyException: RSA premaster secret error]

Cause: The JDK that Tomcat is configured to use is not the JDK the certificate was added to. For example, the certificate was stored in c:/java/jdk1.6.0_10/jre/lib/cacerts while Tomcat is configured with the JDK at c:/java/jre6. Because the paths differ, the certificate cannot be found during SSL authentication.

13. No trusted certificate found

==========================================================================

javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted certificate found

Cause: The path to the trust store (trusted certificate library) file is incorrect.

Workaround: Place it correctly in the project's /WEB-INF/classes directory.
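Both trust store causes above (sections 12 and 13) come down to the running JVM reading a different file from the one the certificate was imported into. The following added example, which is not code from the original page, prints the trust store the current JVM resolves by default and checks it for an alias. The class name is an assumption; the default alias tomcat and password changeit are taken from the keytool commands earlier on this page.

```java
import java.io.File;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;

public class TrustStoreCheck {
    // JSSE default lookup order: the javax.net.ssl.trustStore property, then
    // <java.home>/lib/security/jssecacerts, then <java.home>/lib/security/cacerts.
    static File effectiveTrustStore() {
        String explicit = System.getProperty("javax.net.ssl.trustStore");
        if (explicit != null) {
            return new File(explicit);
        }
        File security = new File(System.getProperty("java.home"), "lib/security");
        File jssecacerts = new File(security, "jssecacerts");
        return jssecacerts.isFile() ? jssecacerts : new File(security, "cacerts");
    }

    // Load the store and report whether the given alias is present in it.
    static boolean hasAlias(File store, char[] password, String alias) throws Exception {
        KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
        try (InputStream in = new FileInputStream(store)) {
            ks.load(in, password);
        }
        return ks.containsAlias(alias);
    }

    public static void main(String[] args) throws Exception {
        String alias = args.length > 0 ? args[0] : "tomcat";
        String password = System.getProperty("javax.net.ssl.trustStorePassword", "changeit");
        File store = effectiveTrustStore();

        System.out.println("java.home   : " + System.getProperty("java.home"));
        System.out.println("trust store : " + store.getAbsolutePath());
        if (!store.isFile()) {
            System.out.println("trust store file does not exist");
            return;
        }
        System.out.println("alias '" + alias + "' present: "
                + hasAlias(store, password.toCharArray(), alias));
    }
}
```

Run it with the same java binary that Tomcat starts with; if the printed path is not the cacerts file the certificate was imported into, the import went to the wrong JDK.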

14. Error code 49

==========================================================================

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece

Cause: Incorrect user name or password.
