LDAP connection error

 

Problem

---

Error opening connection: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]

User was unable to access the instance because the LDAP IP connectivity that was configured from the instance was unsuccessful. When a Test Connection was executed from the LDAP server to test the connectivity, there was an error that stated the credentials were invalid. 

 

Symptoms

---

• LDAP connectivity was not working from the instance upon executing a Test Connection from the LDAP Server configuration
• Users were unable to access the instance since the LDAP connectivity was unsuccessful
• The logs documented the following error: "Error opening connection: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]"

  

Cause

---

An internal networking issue on the customer site was not allowing the updated credentials to be accepted as valid credentials. 

 

Resolution

---

In order to resolve the issue, a JXplorer install was requested. After using JXplorer, connecting to the same LDAP server with the same credentials invoked the same error (Error opening connection: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]) that was noticed on the ServiceNow instance. (For more information about JXplorer, see JXplorer.org.)

Using JXplorer eliminated the ServiceNow configurations as the root cause of the encountered issue. After the networking/environmental issue on the LDAP server was rectified and JXplorer was able to connect successfully, the same credentials in ServiceNow allowed the LDAP connectivity to be successful and restored the instance access for the users.