I'm troubleshooting a VPN appliance's failure to authenticate against my Active Directory using LDAP. I sniffed some packets and got this:
[email protected].].0FP.......0....h...a...._..1...X80090308: LdapErr: DSID-_0C0903AA, comment: AcceptSecurityContext error, data 525, v1772.
I've reset its account's password twice to no avail. I even tried the domain administrator credentials instead of the appliance's and got the same error. It used to work...
---------- Post added at 10:42 AM ---------- Previous post was at 10:12 AM ----------
Well, further troubleshooting makes me think that Windows isn't searching through the OU tree like it should. If I specify the complete path in the LDAP query it works, but it doesn't search like it used to. This means I'd have to have the VPN's LDAP query user and all VPN users in the same OU.
---------- Post added at 10:50 AM ---------- Previous post was at 10:42 AM ----------
Ok, fixed it, though I still don't know why it failed. I think it's approximately in the same condition it was before. It will search child OUs for the user who is logging in but not the VPN box's LDAP query credentials...
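
Added example, not part of the original posts: the hex value after "data" in an Active Directory bind failure is a Win32 logon error code, and 525 is the "user not found" code, which a password reset cannot clear. The sketch below pulls the diagnostic out of raw captured payload bytes and decodes it; the function and table names are hypothetical, and the sample payloads are constructed to resemble the capture above.

```python
import re

# Win32 logon error codes that AD writes, in hex, into the "data" field of the
# diagnostic message returned with a failed LDAP bind.
AD_BIND_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (wrong password)",
    0x530: "not permitted to log on at this time",
    0x531: "not permitted to log on at this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must reset password",
    0x775: "account locked out",
}
# Sub-codes where changing the account's password can clear the failure.
PASSWORD_SUBCODES = {0x52E, 0x532, 0x773}

# Works on raw payload bytes: BER framing around the text is skipped, and stray
# non-hex characters after "DSID-" (as in the capture above) are tolerated.
DIAG_RE = re.compile(
    rb"([0-9A-Fa-f]{8}):\s*LdapErr:\s*DSID-[^0-9A-Fa-f]*([0-9A-Fa-f]{8}),"
    rb"\s*comment:\s*(.*?),\s*data\s+([0-9A-Fa-f]+),\s*v([0-9A-Fa-f]+)"
)

def parse_ad_bind_error(payload: bytes):
    """Return the first AD bind diagnostic found in payload as a dict, else None."""
    m = DIAG_RE.search(payload)
    if m is None:
        return None
    status, dsid, comment, data, ver = (g.decode("ascii", "replace") for g in m.groups())
    subcode = int(data, 16)
    return {
        "status": status.upper(),
        "dsid": dsid.upper(),
        "comment": comment,
        "subcode": subcode,
        "version": ver,
        "meaning": AD_BIND_SUBCODES.get(subcode, "unknown sub-code"),
        "password_fix_possible": subcode in PASSWORD_SUBCODES,
    }

# Constructed payloads: BER-like noise bytes around the diagnostic text.
SAMPLE_525 = (b"0\x84\x00\x00\x00ha\x84\x00\x00\x00_\n\x011\x04\x00\x04X"
              b"80090308: LdapErr: DSID-_0C0903AA, comment: "
              b"AcceptSecurityContext error, data 525, v1772\x00")
SAMPLE_52E = SAMPLE_525.replace(b"data 525", b"data 52e")

if __name__ == "__main__":
    for sample in (SAMPLE_525, SAMPLE_52E):
        print(parse_ad_bind_error(sample))
```

A 525 result points at the bind identity (DN, UPN or search base) rather than the password, while 52e means the identity resolved and only the credential was rejected.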