From: shivaraj on
Hi All,
While connecting to AD via JNDI, I am getting a error like:
javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8
- 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds
to turn on integrity checking if SSL\TLS are not already active on the
connection, data 0, v1771]

From googling what I came across is, this will be thrown when a
particular flavor of authentication requested is not supported. It may
be specified using specific authentication schemes such those
identified using SASL.

And I also got a hint that, the solution would be to use
env.put("javax.security.sasl.qop","auth-int");

But my query is, I will be running the same LDAP connectivity tool (my
tool) with many customers. So how should I test if they are using
1. Normal LDAP port: 389? or they are using SSL/TSL connection with
different port number ?
2. How to check what security authentication to use ? i.e setting
Context.SECURITY_AUTHENTICATION to "none", "simple", sasl_mech, ?

Is there a sample code which I can run and fetch customer setup
details (about if SSL is enabled or not etc ) before I set my LDAP env
attributes?

Regards,
Shivaraj
From: Ed Crowley [MVP] on
You should post this to an Active Directory forum.
--
Ed Crowley MVP
"There are seldom good technological solutions to behavioral problems."
..

"shivaraj" <shivaraj.malannavar(a)gmail.com> wrote in message
news:6f60bccf-02b7-4550-a507-8e3c046185f8(a)q12g2000yqj.googlegroups.com...
> Hi All,
> While connecting to AD via JNDI, I am getting a error like:
> javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8
> - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds
> to turn on integrity checking if SSL\TLS are not already active on the
> connection, data 0, v1771]
>
> From googling what I came across is, this will be thrown when a
> particular flavor of authentication requested is not supported. It may
> be specified using specific authentication schemes such those
> identified using SASL.
>
> And I also got a hint that, the solution would be to use
> env.put("javax.security.sasl.qop","auth-int");
>
> But my query is, I will be running the same LDAP connectivity tool (my
> tool) with many customers. So how should I test if they are using
> 1. Normal LDAP port: 389? or they are using SSL/TSL connection with
> different port number ?
> 2. How to check what security authentication to use ? i.e setting
> Context.SECURITY_AUTHENTICATION to "none", "simple", sasl_mech, ?
>
> Is there a sample code which I can run and fetch customer setup
> details (about if SSL is enabled or not etc ) before I set my LDAP env
> attributes?
>
> Regards,
> Shivaraj