how to check if SSL or SASL is enabled at customer side or not ?
in [Microsoft Exchange]
|
Prev: Mailbox Migration from Gmail to Exchange 2010
Next: Can't send emails to .nhs.uk addresses after upgrade to Exchange 2
From: shivaraj on 7 Jun 2010 04:30 Hi All, While connecting to AD via JNDI, I am getting a error like: javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1771] From googling what I came across is, this will be thrown when a particular flavor of authentication requested is not supported. It may be specified using specific authentication schemes such those identified using SASL. And I also got a hint that, the solution would be to use env.put("javax.security.sasl.qop","auth-int"); But my query is, I will be running the same LDAP connectivity tool (my tool) with many customers. So how should I test if they are using 1. Normal LDAP port: 389? or they are using SSL/TSL connection with different port number ? 2. How to check what security authentication to use ? i.e setting Context.SECURITY_AUTHENTICATION to "none", "simple", sasl_mech, ? Is there a sample code which I can run and fetch customer setup details (about if SSL is enabled or not etc ) before I set my LDAP env attributes? Regards, Shivaraj
From: Ed Crowley [MVP] on 8 Jun 2010 12:45
You should post this to an Active Directory forum. -- Ed Crowley MVP "There are seldom good technological solutions to behavioral problems." .. "shivaraj" <shivaraj.malannavar(a)gmail.com> wrote in message news:6f60bccf-02b7-4550-a507-8e3c046185f8(a)q12g2000yqj.googlegroups.com... > Hi All, > While connecting to AD via JNDI, I am getting a error like: > javax.naming.AuthenticationNotSupportedException: [LDAP: error code 8 > - 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds > to turn on integrity checking if SSL\TLS are not already active on the > connection, data 0, v1771] > > From googling what I came across is, this will be thrown when a > particular flavor of authentication requested is not supported. It may > be specified using specific authentication schemes such those > identified using SASL. > > And I also got a hint that, the solution would be to use > env.put("javax.security.sasl.qop","auth-int"); > > But my query is, I will be running the same LDAP connectivity tool (my > tool) with many customers. So how should I test if they are using > 1. Normal LDAP port: 389? or they are using SSL/TSL connection with > different port number ? > 2. How to check what security authentication to use ? i.e setting > Context.SECURITY_AUTHENTICATION to "none", "simple", sasl_mech, ? > > Is there a sample code which I can run and fetch customer setup > details (about if SSL is enabled or not etc ) before I set my LDAP env > attributes? > > Regards, > Shivaraj |