LDAP error code 49

If you are unable to log into Lawson System Foundation (LSF) environment and getting the following examples of “LDAP error code 49” messages in the LAWDIR/system/security_authen.log.

June 24 13:26:43.779 EDT 2023 – default–539786713: [LDAP: error code 49 – 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]

June 24 13:26:43.779 EDT 2023 – default–539786713 – L(2) : LDAP Bind failed. DN: CN=Infor,OU=Lawson,OU=Other,DC=us

[LDAP: error code 49 – 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]

Stack Trace :

javax.naming.AuthenticationException: [LDAP: error code 49 – 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 52e, v4563 ]

June 21 13:25:17.805 EDT 2023 – default-1015973274: Error encountered while getting users DN. Please see logs for details[9xxxcsntmtl7k222uu027itela] Could Not Bind With privileged identity. User [[email protected]][LDAP: error code 49 – 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 775, v4563 ]

Stack Trace :

javax.naming.AuthenticationException: [LDAP: error code 49 – 80090308: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 775, v4563 ]

Resolution:

There are several values that can indicate what LDAP function is causing the issue, but usually the most helpful is the AD-specific error code after the word “data” as shown in the examples above where the error code is 52e and 775.

525      user not found

52e      invalid credentials

530      not permitted to logon at this time

531      not permitted to logon at this workstation

532      password expired

533      account disabled

701      account expired

773      user must reset password

775      user account lockedKeywords: