LDAP Users Report Error, "Invalid Credentials" When Supplying Known-Valid Credentials to Secure Global Desktop

(Doc ID 1403154.1)

Last updated on AUGUST 02, 2017

Applies to:

Oracle Secure Global Desktop - Version 4.5 to 5.3 [Release 4.0 to 5.0]
Information in this document applies to any platform.

Symptoms

Users of Secure Global Desktop (SGD) version 4.50 or later may report that authentication with LDAP credentials may result in the error: 

 

   Invalid Credentials

despite using known-correct values.

SGD Administrators investigating this behavior may see events like the following, written to jserver.log files, within the standard logging directory.  [/opt/tarantella/var/log/]

2012/01/13 10:31:08.976 (pid 10630) server/ldap/warningerror
Secure Global Desktop Software (4.5) WARNING:

The currently configured authentication mode is not supported by host
ldap://99.99.99.99:389:ldap://ldapserver.server.com:389/dc=global,dc=test,dc=
com:ldapserver.server.com[ldapserver.server.com/99.99.99.99]:[Up]

Your current authentication mode is GSSAPI:GSSAPI

ldap://99.99.99.99:389:ldap://ldapserver.server.com:389/dc=global,dc=test,dc=
com:ldapserver.server.com[ldapserver.server.com/99.99.99.99]:[Up]
cannot be used to retrieve data from the directory.

To troubleshoot this error:
- Verify the authentication modes supported by this host.
- Verify that SGD is currently using the correct authentication mode.


2012/01/13 10:31:08.981 (pid 10630) server/ldap/warningerror
Secure Global Desktop Software (4.5) WARNING:

LDAP call failed:
ldap://99.99.99.99:389:ldap://ldapserver.server.com:389/dc=global,dc=test,dc=
com:ldapserver.server.com[ldapserver.server.com/99.99.99.99]:[Up] getAtt
ributes-.../_ldapmulti/forest/("CN=v054110,OU=AffiliatedPeople,OU=Test,OU=Acco
unts,dc=global,dc=ual,dc=com") ("cn","name","givenName","displayName","userPrinc
ipalName",)
Call took 110ms.

Reason:
javax.naming.CommunicationException: Authentication mechanism is not supported:[ LDAP: error code 1 - 000004DC: LdapErr: DSID-0C0906E8, comment: In order to perform this operation a successful bind must be completed on the connection., data0, v1db1]

The call to the directory server failed.

Check the operation was correct, the LDAP configuration is valid, and the
LDAP server is still running.

  

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms