Project

General

Profile

Actions

Defect #20699

open

ldap error - not permitted to logon at this workstation

Added by Alexander Ryabinovskiy about 9 years ago. Updated almost 7 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
LDAP
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

I configured "LDAP authentication" for our Active Directory.
On Windows 2003 server x68 and Windows 2012 server x64 login attempts ends with the error (logged using WireShark):

LDAPMessage bindResponse(1) invalidCredentials (80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 531, vece)

which means "not permitted to logon at this workstation". The solution is to add AD server to "userWorkstations" list of each domain user, and it works. But it is a bad solution and our administrators does not accept this.
This behavior was commented a year ago:
#1913#note-29


Files

redmine_auth_source_ldap_531fix.diff (1.12 KB) redmine_auth_source_ldap_531fix.diff Alexander Ryabinovskiy, 2017-12-13 12:15
Actions

Also available in: Atom PDF