Announcement

Collapse
No announcement yet.

Windows 2000 LDAP log

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Windows 2000 LDAP log

    hi guys

    a partner of my is configuring a application that uses windows 2000 SP4 Server Active directory

    but is giving us some issues when users try to log in to the app using their AD credentials like:

    expired password
    invalid credentials


    we found this
    http://www-01.ibm.com/support/docvie...id=swg21290631

    but I would like to know where is the log to follow the procedure from Windows 2000 LDAP-AD perspective to see the log in process

    I mean what is the log-trace or event so I can see what is really the issue when a users logs to the app since the app connect first to LDAP-AD to let the user enter the app

    Edit
    can be something like this but for W2000 or something native in w2000
    http://technet.microsoft.com/en-us/s...rnals/bb897539

    --- Edit2
    I just tested the the application I linked above it does not do what I want in fact I don't see any trace when a users logs or their login fails


    thanks a lot guys
    Last edited by kopper; 8th August 2012, 00:24.

  • #2
    Re: Windows 2000 LDAP log

    You could use netmon or wireshark to sniff the traffic. Port 389 for standard non-secure.
    I would seriously recommend you upgrade from 2000 though, it no longer gets security updates so is not suitable for use anymore.
    cheers
    Andy

    Please read this before you post:


    Quis custodiet ipsos custodes?

    Comment


    • #3
      Re: Windows 2000 LDAP log

      thanks a lot I am using wireshark in my simulated enviroment Windows 2000 server and Windows 2000 Prof now I have to go to test it using the app they have to check if the communication replicates as my windows 2000 Prof does as you can see below

      KRB5KDC_ERR_C_PRINCIPAL_UNKNOWN Client not found in Kerberos database
      KRB5KDC_ERR_PREAUTH_FAILED Preauthentication failed
      KRB5KDC_ERR_KEY_EXP Password has expired


      thanks a lot

      Comment


      • #4
        Re: Windows 2000 LDAP log

        I'm assuming here that you've checked the accounts in question aren't expired etc?
        How did you create the test environment, was it a fresh build?
        cheers
        Andy

        Please read this before you post:


        Quis custodiet ipsos custodes?

        Comment


        • #5
          Re: Windows 2000 LDAP log

          Originally posted by AndyJG247 View Post
          I'm assuming here that you've checked the accounts in question aren't expired etc?
          How did you create the test environment, was it a fresh build?
          Yes a fresh scenario (Windows 2000 server and one W2000 Prof client) I basically checked this 3 scenarios

          532 - expired password
          52e - invalid credentials
          525 - not found user

          so I checked the trace in wireshark and found this page
          https://andromeda.rutgers.edu/~sysmail/krb5_error.html

          now I am going to go to my customer and check if the web application sends the same messages or not

          Comment

          Working...
          X