Automic Workload Automation


LDAP no longer working after 24.3 upgrade from 21.0.11

  • 1.  LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 18, 2025 10:42 AM

    Hello,

     

    I've recently deployed a 24.3 test instance to test out upgrading our 21.0.11 environment. I've run into a snag with the LDAP integration after the upgrade. LDAP no longer works using the same settings as our 21.0.11. I've tried a few different configurations listed in the documentation, but nothing seems to change and the error is shown below. The documentation indicates TLS is optional for an on-prem deployment, so I wouldn't think we would need to stray from our original settings. Did anyone else experience this type of situation on an upgrade? Any help is appreciated.

     

    The error I am seeing in the WP log is

     

    Error in WP log (I've removed references to the domain and user account)

     

    20250205/145650.588 - 46     U00045033 Log on to LDAP server 'domain.local:port' with user 'DOMAIN.LOCAL\MYUSERNAME'.

    20250205/145650.595 - 46     U00045014 Exception 'javax.naming.AuthenticationException: "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090511, comment: AcceptSecurityContext error, data 52e, v4563 ]"' at 'com.sun.jndi.ldap.LdapCtx.mapErrorCode():3259'.

    20250205/145650.598 - 46     U00045040 LDAP check with logon user 'DOMAIN.LOCAL\MYUSERNAME' failed.

     

    Here is our functioning configuration for 21.0.11

     



  • 2.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 19, 2025 01:44 AM

    Hi Ben,

    The error message number in "data 52e" stands for "invalid credentials". Please check the userid/password of the user.

    regards,
    Peter



    ------------------------------
    Automic Certified Professional/Expert & Broadcom Knight

    For AUTOMIC trainings please check https://www.qskills.de/qs/workshops/automic/
    ------------------------------



  • 3.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 10:47 AM

    Hi Peter,

      I was aware that the 52e was for invalid credentials, but I can assure you that the creds I have tried have all been valid and work in v21. Odd thing: I was looking at Olgun's response below, and in our V21 test environment I removed the AUTHENTICATION attribute and replaced it with VERSION, and then that environment started producing the same 52e error message for LDAP users. I swapped those options back in V21 and it started working again. I had thought the VERSION option was for Oracle; we are using SQL, not sure if that makes a difference. I'm trying to see if there are additional options for the LDAP VARA I should be using for V24. Thanks for your help.




  • 4.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 19, 2025 01:46 AM

    Hi Ben,

    • Why do you use AUTHENTICATION? Remove it and try again.
    • If it is the same, try putting the login in SYNC_LOGIN.
    • If it is still the same, try adding VERSION.

    Thanks.



    ------------------------------
    Olgun Onur Ozmen
    https://www.linkedin.com/in/olgunonurozmen/
    ------------------------------



  • 5.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 10:52 AM

    Hi Olgun,

      Thanks for your input. The AUTHENTICATION option has always been in our VARA since at least V12.3; I had thought it was a difference between SQL and Oracle databases. I tried your suggestions out and these did not work. The error never changed. I went to our V21 test environment and removed AUTHENTICATION and replaced it with VERSION, and then that environment started producing the same error as I am seeing in V24. I'm trying to see if there are additional options for the LDAP VARA I should be using for V24 to map correctly to LDAP. Thanks for your help.




  • 6.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Broadcom Employee
    Posted Feb 19, 2025 03:47 AM

    Hello, the reason is that TLS default was modified to Y in v24, whereas it was set to N by default on v21.

    This should be fixed in the documentation soon.

    Please add TLS with value N and that should do.

    Adrian




  • 7.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 11:02 AM

    Hi Adrian,

       I changed up my configuration to include TLS = N, but this did not change the behavior. The error remained the same.

    Per some of the other responses to this post, I went to our other V21 test environment and removed AUTHENTICATION and replaced it with VERSION, and then that environment started producing the same error as I am seeing in V24. I am not sure if this is telling me there is some sort of attribute mapping issue and I should be using some other option in our LDAP VARA. So the problem persists while I try out some other options. Thanks for your help and any more suggestions you may have.




  • 8.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 21, 2025 08:12 AM
    Edited by Peter Grundler Feb 21, 2025 08:28 AM

    Hi Ben,

    Your setting of SYNC_LOGIN is most likely incorrect. This parameter is used to specify the name of a LOGIN object and not a Y/N switch. I don't think that the LOGIN object is named "Y"?

    This is my working LDAP configuration:

    I have tested it on 24.3 with the invalid parameter and was able to log on to Automic. Have you mentioned that you're connecting to MSAD? I am using a different LDAP provider, so it might not be 100% identical ...

    best regards,
    Peter



    ------------------------------
    Automic Certified Professional/Expert & Broadcom Knight

    For AUTOMIC trainings please check https://www.qskills.de/qs/workshops/automic/
    ------------------------------



  • 9.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 19, 2025 05:03 AM

    This is what our LDAP VARA object looks like on our version 21.0.5 hf 4




  • 10.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 11:05 AM

    Hi Cristian,

     Do you use an Oracle or SQL database? The VERSION key doesn't work for me in V21 or V24. I believed this was something used for Oracle databases. We are on SQL, but I am not sure that makes a difference yet. Thanks for your input.




  • 11.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 11:31 AM

    We use Oracle DB




  • 12.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted Feb 20, 2025 01:26 PM

    One thing that I have noticed that makes me think there is some sort of mapping situation is that when I look at a successful login in V21.0.11 the message is as follows.

    U00003205 Logon of 'Ben Baez' ('USERNAME/DOMAIN.LOCAL'), client: '0010' accepted by host 'SERVER'. Client version = '21.0.11+build.1720086822060', type='Java-API' (connection='*CP003#00000027').

    In V24.3 the failure shows

    U00045033 Log on to LDAP server 'domain.local:port' with user 'DOMAIN.LOCAL\USERNAME'

    I'm not sure if this is just how the logging is displayed or if it is passing the credentials backwards and this is why it is failing.




  • 13.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 10 days ago

    Hi Ben Baez and Team,

    We are also facing the same error after upgrading to 24.4 from version 21. Please share the details if you find the solution.

    U00045033 Log on to LDAP server 'ldapad.server.abc.abc.abc:389' with user 'prod.ad.abc.abc.abc.com\user1'.
     U00045014 Exception 'javax.naming.CommunicationException: "ldapad.server.abc.abc.abc:389"' at 'com.sun.jndi.ldap.Connection.<init>()'.
     U00045015 The previous error was caused by 'java.net.SocketException: "Connection reset"' at 'sun.nio.ch.NioSocketImpl.implRead()'.
    U00045040 LDAP check with logon user ''prod.ad.abc.abc.abc.com\user1' failed

    -------------------------------------------



  • 14.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago

    Hi

    Have you tried adding the parameter "TLS=N" to your LDAP configuration VARA?
    Before, the default was "TLS=N", but from V24.0 the default is "TLS=Y".
    https://docs.automic.com/documentation/webhelp/english/ARA/24.4/DOCU/24.4/CDA%20Guides/Content/Installation_Upgrade/CheckIncompatibilities_21012_240.htm?Highlight=UC_LDAP

    Hope that will help.


    Kind regards
    Peter Gross
    ________________________

    Peter Gross
    Senior System Expert






  • 15.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago
    Edited by Marcin Uracz 9 days ago

    Hi,

    There is a small difference between V21 and V24 when it comes to LDAP. V24 assumes TLS is on. Here is the part of the UC_LDAP_EXAMPLE:

    • TLS

      Allowed values: Y[es] and N[o]

      • Y - The JWP creates a connection to the LDAP server over TLS

      • N - The JWP creates a connection to the LDAP server without TLS

      Default value: Y[es]  <--- 

      Restart required: No

    In V21 it was this way: 

    • TLS

      Note: This key is used only if the VERSION key is set to 2.

      Allowed values: Y[es] and N[o]

      • Y - The JWP creates a connection to the LDAP server over TLS

      • N - The JWP creates a connection to the LDAP server without TLS

      Restart required: No

    And no surprise here, the default was N.

    Once you upgrade to V24 and have not explicitly set TLS to N in your UC_LDAP_* settings, the engine will assume it is supposed to open a TLS connection using the non-TLS endpoint 389, which in the end causes the server to reset the connection as it does not expect a TLS connection on that port.

    Meanwhile this was added to the incompatibilities documentation: 
    https://docs.automic.com/documentation/webhelp/english/ALL/components/DOCU/24.4.0/Automic%20Automation%20Guides/Content/Installation_Upgrade/CheckIncompatibilities_21012_240.htm

    "If you have a non-TLS LDAP connection, before updating, check your configuration in the TLS key in your UC_LDAP_EXAMPLE variable and add TLS=N if it does not already exist. See UC_LDAP_EXAMPLE - LDAP Connection Variable."

    EDIT: Peter was 1 minute faster ;) +1 what he said ;)

    ------------------------------
    Cheers,
    Marcin
    ------------------------------



  • 16.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago

    Hi Marcin Uracz and Peter Gross,

    Thanks for the quick response.
    After setting the parameter "TLS=N" in the LDAP configuration VARA UC_LDAP_*, synchronize is working for the LDAP user.

    When trying to log in to the UI I get the error below. The user credentials are correct because the same ones work in V21. Please let me know if there is any other setting to change.

    Exception 'javax.naming.AuthenticationException: "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090597, comment: AcceptSecurityContext error, data 52e, v4563]"'


    -------------------------------------------



  • 17.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago

    Hi,

    If you use DN information to identify the user, please check if the parameter "USE_DISTINGUISHED_NAME" is configured in your LDAP variable. Recently this was the reason for another customer.

    regards,
    Peter



    ------------------------------
    Automic Certified Professional/Expert & Broadcom Knight
    ------------------------------



  • 18.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago

    Hi Peter Grundler,

    Thanks for response.

    Issue resolved. I am able to log in to the UC4 UI after adding the parameter "USE_DISTINGUISHED_NAME" to VARA UC_LDAP_*.

    We did not use the above parameter in V21.

    -------------------------------------------



  • 19.  RE: LDAP no longer working after 24.3 upgrade from 21.0.11

    Posted 9 days ago

    Hello BEN,

    In our sandbox installation, we had to adjust the user in the LDAP sync LOGIN object in addition to the TLS parameter.
    "domain/user" no longer worked.
    It worked with "user@domain.company.countrycode".

    Best regards,
    André

    -------------------------------------------
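An added triage helper, written for this thread and not part of Automic or of any reply above: it lints the UC_LDAP_* keys the replies identified (the TLS default change, SYNC_LOGIN being a LOGIN object name rather than Y/N) and walks constructed WP log lines modelled on the ones quoted in the thread, naming the likely upgrade-related cause for the "Connection reset" and the error 49 / data 52e failures. It assumes the VARA is handed over as a plain dict of key to value; host and account names in the sample are placeholders.

```python
import re
from typing import Dict, List

# Constructed WP log excerpt modelled on the lines quoted in the thread; the host and
# account names are placeholders, not values taken from the original posts.
SAMPLE_WP_LOG = """\
20250205/145650.588 - 46 U00045033 Log on to LDAP server 'ad.example.test:389' with user 'EXAMPLE\\svc_automic'.
20250205/145650.595 - 46 U00045014 Exception 'javax.naming.AuthenticationException: "[LDAP: error code 49 - 80090308: LdapErr: DSID-0C090511, comment: AcceptSecurityContext error, data 52e, v4563 ]"' at 'com.sun.jndi.ldap.LdapCtx.mapErrorCode():3259'.
20250205/145650.598 - 46 U00045040 LDAP check with logon user 'EXAMPLE\\svc_automic' failed.
20250305/091200.004 - 12 U00045033 Log on to LDAP server 'ad.example.test:389' with user 'EXAMPLE\\svc_automic'.
20250305/091200.005 - 12 U00045014 Exception 'javax.naming.CommunicationException: "ad.example.test:389"' at 'com.sun.jndi.ldap.Connection.<init>()'.
20250305/091200.006 - 12 U00045015 The previous error was caused by 'java.net.SocketException: "Connection reset"' at 'sun.nio.ch.NioSocketImpl.implRead()'.
"""

SERVER_RE = re.compile(r"U00045033 Log on to LDAP server '([^':]+):(\d+)'")
ERR49_RE = re.compile(r"error code 49 .*?data ([0-9a-f]+)")


def lint_vara(vara: Dict[str, str]) -> List[str]:
    """Static checks on the UC_LDAP_* keys that this thread showed to matter."""
    findings = []
    if "TLS" not in vara:
        findings.append("TLS key missing: v24 defaults to TLS=Y where v21 defaulted to N; set it explicitly")
    if vara.get("SYNC_LOGIN", "").upper() in ("Y", "N"):
        findings.append("SYNC_LOGIN must name a LOGIN object, not a Y/N switch")
    return findings


def triage_wp_log(log: str, vara: Dict[str, str]) -> List[str]:
    """Explain each LDAP failure in the WP log in terms of the v21 -> v24 changes."""
    findings, port = [], None
    tls_on = vara.get("TLS", "Y").upper().startswith("Y")  # v24 default is Y
    for line in log.splitlines():
        m = SERVER_RE.search(line)
        if m:  # U00045033 names the endpoint the JWP is about to use
            port = int(m.group(2))
            continue
        if "U00045015" in line and "Connection reset" in line:
            if tls_on and port == 389:
                findings.append("TLS mismatch: JWP spoke TLS to plaintext port 389; "
                                "add TLS=N or point it at a TLS-capable endpoint")
            else:
                findings.append("connection reset by LDAP server: check host, port and TLS")
        m = ERR49_RE.search(line)
        if m and m.group(1) == "52e":
            findings.append("error 49 data 52e (invalid credentials): after an upgrade also "
                            "check USE_DISTINGUISHED_NAME, SYNC_LOGIN and the user@domain format")
    return findings
```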