LDAP AD Authentication fails with migrated NT4 domain users

Hi,

Have a strange problem with LDAP AD Authentication.
Current environment:
BO server: BO6.5 SP3 (Infoview, BCA, WebI), which runs on a Windows 2003 Server
LDAP MS Active Directory on a W2K domain (not a 2003 domain!)

The problem is that password authentication for a NEW user works perfectly but NOT for an existing user. By existing I mean “old” users that originally came from an NT4 domain. They have been migrated to a W2K domain.
I investigated the securityconnector logfile and this shows for each logon the result of the ldap query.
BOTH old (migrated) and new users are found in AD and their security groups are shown in the logfile, but when validating the password we get LDAP error = 49. This indicates invalid credentials.
We already cross-checked an old account against a new account with an LDAP browser but could not find any differences. All properties concerning password encryption (e.g. reverse encryption) are identical.

Has anyone already encountered similar problems? To clarify the situation I’ll include part of the securityconnector logfile showing entries for a good and a bad validation.

All passwords are valid because simple domain logons do work, so it is a mystery why it does not work for the migrated users.

This post belongs in the Security forum but I do not have the right to post something there, so I had to put it in the General Discussion forum (sorry for this :? )
securityConnector.txt (1.0 KB)


ebms123 :belgium: (BOB member since 2006-06-13)