LDAP Authentication
I have populated the fields in the Active Directory Catalog and I believe they're all correct. However, when I try to log in using a domain account, it errors saying:
Could not sign in to HgLab
We didn't recognise the username or password you entered.
And on the named Domain Controller I get two errors, the first is Event ID 680 and says:
Logon attempt by: MICROSOFT_AUTHENTICATION_PACKAGE_V1_0
Logon account: <MYDOMAIN>\<MYDOMAINUSER>
Source Workstation: <SERVERHOSTINGHGLAB>
Error Code: 0xC0000064
Followed by a 529 Event saying:
Logon Failure:
Reason: Unknown user name or bad password.
User Name: <MYDOMAIN>\<MYDOMAINUSER>
Domain:
Logon Type: 3
Logon Process: NtLmSsp
Authentication Package: NTLM
Workstation Name: <SERVERHOSTINGHGLABS>
Caller User Name: -
Caller Domain: -
Caller Logon ID: -
... etc
I'm beginning to think this isn't an issue with HGLab, but has anyone else seen it before? The server hosting HGLab is Server 2008 R2 and the DC is Server 2003 SP2 so I wonder if this is a security issue between the two?
Cheers
Neil
Comments are currently closed for this discussion. You can start a new one.
Keyboard shortcuts
Generic
? | Show this help |
---|---|
ESC | Blurs the current field |
Comment Form
r | Focus the comment reply box |
---|---|
^ + ↩ | Submit the comment |
You can use Command ⌘
instead of Control ^
on Mac
Support Staff 1 Posted by Anton Gogolev on 01 Aug, 2013 12:38 PM
Neil,
Sorry for the delay. I believe error code 0xC0000064 says that there's no
user you're either trying to perform bind with (the one with "Bind Login"),
or there's no user with the login you're entering in /signin. LDAP is a
very strange to work with, so this is all I can help you with here.
Alternatively, we can schedule a TeamViewer session so that I'll be see
things more closely.
2 Posted by Neil Wood on 02 Aug, 2013 10:45 AM
Hi Anton,
Thanks for the response. I've tried to log in with multiple user accounts that I know exist (one was my usual domain account) so I also thought it might be the binding account. However, as a test, I changed the binding account name to something I knew was incorrect (ie adding an extra letter on the username) and I started getting the same error message, but now relating to the binding account not existing instead of the one I was trying to log in as. I took from that that it was liking the binding account when it was entered correctly.
I really appreciate the offer of a Teamviewer session, but unfortunately, the HGLab install is on a network that I'm unable to attach to the internet.
Any other suggestions are gratefully received, but I understand that it may be out of the scope of your software.
Cheers
Neil
Support Staff 3 Posted by Anton Gogolev on 03 Aug, 2013 07:41 AM
Neil,
The only thing I can really suggest you is playing around with login names. I had a case when a customer was only able to sign in using a domain name-prefixed login (i.e. ACMECORP\username).
Other than that, I'm at a complete loss right now. Sorry for that.
On 02.08.2013, at 14:45, "Neil Wood" <[email blocked]> wrote:
Anton Gogolev closed this discussion on 22 Aug, 2013 07:53 AM.
Anton Gogolev re-opened this discussion on 22 Aug, 2013 07:54 AM
Support Staff 4 Posted by Anton Gogolev on 22 Aug, 2013 07:54 AM
Neil,
Any luck with setting things up?
5 Posted by Neil Wood on 22 Aug, 2013 10:59 AM
Hi Anton,
Thank you very much for coming back to me. Unfortunately, I was unable to
get it working so the users are just using accounts created in the system.
Thanks again.
Neil
Anton Gogolev closed this discussion on 23 Aug, 2013 09:13 AM.