Support Questions

We have a binddn account with a space in the name cn=account,ou=System Accounts,dc=my,dc=domain,dc=com. Keep getting ldap 49 data 52e. All pertinent certificates are in the zeppelin truststore. Using activedirectorygrouprealm.

Any working example configs for ldaps on 636 for active directory would be most welcome.

***

Caused by: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C09042F, comment: AcceptSecurityContext error, data 52e, v2580] at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3154) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3100) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2886) at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2800) at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) at javax.naming.InitialContext.init(InitialContext.java:244) at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.createLdapContext(DefaultLdapContextFactory.java:276) at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:263) at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getLdapContext(DefaultLdapContextFactory.java:224) at org.apache.shiro.realm.ldap.DefaultLdapContextFactory.getSystemLdapContext(DefaultLdapContextFactory.java:205) at org.apache.zeppelin.realm.ActiveDirectoryGroupRealm.queryForAuthorizationInfo(ActiveDirectoryGroupRealm.java:240) at org.apache.zeppelin.realm.ActiveDirectoryGroupRealm.doGetAuthorizationInfo(ActiveDirectoryGroupRealm.java:139) ... 69 more WARN [2018-08-28 19:36:32,267] ({qtp2136344592-17 - /api/login} HttpChannel.java[handleException]:482) - Could not send response error 500: javax.servlet.ServletException: org.apache.shiro.authz.AuthorizationException: LDAP naming error while attempting to retrieve authorization for user [ldapsmothra].