Error During User Replication - LDAP Error Code 49

How to Fix LDAP Error 49. User Replication via LDAP Connection or Logging into YSoft SafeQ Web is Not Functioning

Applies to YSoft SafeQ5 and YSoft SafeQ6.

LDAP Error Code 49 is one of the most common LDAP errors. It typically indicates an authentication error: the bind request has failed, often due to incorrect credentials provided by the user or application.

The management-service.log (or cml.log / cmlweb.log in YSoft SafeQ 5) or replicator.log contains an error similar to the following:

javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 701, v1db0]
 

The error indicates an authentication problem reported by the LDAP server. The critical code is the "data" value near the end of the message; in the example above it is "701". Refer to the table in the Resolution section to interpret its meaning.

Common Causes of LDAP Error Code 49:

Incorrect credentials
User account issues
Network connectivity problems
LDAP server misconfiguration

Resolution:

The following is a list of error codes that can appear in the error message. These are generated by the LDAP server and are only relayed to YSoft SafeQ.

Error code   Meaning
52e          Invalid credentials
525          User not found
530          Not permitted to logon at this time
531          Not permitted to logon at this workstation
532          Password expired
533          Account disabled
534          The user has not been granted the requested logon type at this machine
701          Account expired
773          User must reset password
775          User account locked

The resolution should be evident from the meaning of the error code. For example, for error 533 (Account disabled), you will need to enable the account used for synchronization between YSoft SafeQ and the LDAP server.

See details on configuring the LDAP connector in the documentation article LDAP integration.