I am writing some Java code that authenticates to Active Directory using SASL GSSAPI. Mostly this code is working fine but for one user I am getting the response:
javax.naming.AuthenticationException: [LDAP: error code 49 - 8
0090304: LdapErr: DSID-0C0904D1, comment: AcceptSecurityContext error, data 568,
v1772 ]
I know that 49 means this is an authentication failure, and that the relevant sub code is 568, but I am only aware of the following meanings for that data:
- 525 - user not found
- 52e - invalid credentials
- 530 - not permitted to logon at this time
- 532 - password expired
- 533 - account disabled
- 701 - account expired
- 773 - user must reset password
So far I am unable to find an authorative source of these error codes from Microsoft (this list is pieced together from forum posts) and I can't find anything for that 568 error.
Does anyone know what it means?
EDIT: It looks like the source of this list comes from this documentation from IBM