Can't BIND to a Azure Active Directory Service with Secure LDAP

Paul Layne 6 Reputation points
2021-03-16T12:27:18.697+00:00

After following the article for setting up Secure LDAP with a cloud only Azure AD, i can not BIND and view the AADS instance with my account,

I am a Global Admin on the AD
This is a Cloud Only setup (no on premise sync)
Followed the guide microsoft provided
Used a public Wild Card Cert and a Domain I own

Guide used
https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps

Error Message:

Error <49>: ldap_bind_s() failed: Invalid Credentials.
Server error: 8009030C: LdapErr: DSID-0C090590, comment: AcceptSecurityContext error, data 52e, v2580
Error 0x8009030C The logon attempt failed

Microsoft Entra
{count} vote

2 answers

Sort by: Most helpful
  1. Erich 6 Reputation points
    2022-01-28T15:08:43.46+00:00

    Hi there,
    I had the same problem. The solution was weird.
    It was neccessary to reset the password from the "bind-user"!!
    Background: This step is required because its an online user. For Sign-in LDAPS requires a password hash. When you reset the password, AAD creates a hash and after a few minutes it synchronise it with AADDS.

    1 person found this answer helpful.

  2. Andriy Bilous 11,176 Reputation points
    2021-03-16T15:35:05.47+00:00

    Hello @Paul Layne

    Error "Error <49>: ldap_bind_s() failed: Invalid Credentials." means that you are trying to connect to AzureAD LDAP using wrong username or password.

    You can test connection to your AzureAD LDAP using LDP.exe utility.
    https://learn.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps#test-queries-to-the-managed-domain