Search code examples
javaandroidactive-directoryldapunboundid-ldap-sdk

LDAPException(resultCode=84 (decoding error)

I am trying to connect to an LDAP server and log in from simple Adnroid app where i have login form (Active Directory username and password), but I get the following error:

LDAPException(resultCode=84 (decoding error), errorMessage='The connection to server xxx.x.xxx.xx:443 was closed while waiting for a response to a bind request SimpleBindRequest(): Unable to read or decode an LDAP message: Invalid value length of 80 for an ASN.1 integer element. Integer element values must have a length between 1 and 4 bytes., ldapSDKVersion=5.1.4, revision=95121137bbf71bc02638a53c2c8ddf3588c2bcc4')

An error occurs when I try to log in. Can I log in using only uid in bindDN? I tried specifying the full DN (dn="CN=LastName FirstName,OU=Users,OU=xx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=su") and (dn="uid=xxx,OU=Users,OU=xx,OU=xxx,OU=xxx,DC=xxx,DC=xxx,DC=xxx,DC=xxx,DC=su"), but got the same error.

What could be the problem? Thanks in advance.

Here is my code:

public class MainActivity extends Activity implements OnClickListener {

int port=443;
final String dn ="uid=xxx";
final String password ="xxx";
final String hostname = "xxx.x.xxx.xx";
boolean login_flag=true;

@Override
protected void onCreate(Bundle savedInstanceState) {
    super.onCreate(savedInstanceState);
    setContentView(R.layout.activity_main);

    Button bt_login=(Button)findViewById(R.id.bt_login);
    bt_login.setOnClickListener(this);
}


@SuppressLint("SimpleDateFormat")
@Override
public void onClick(View view)
{       
    new Thread(new Runnable()
    {
        @Override
        public void run()
        {
            try {
                final BindRequest bindRequest = new SimpleBindRequest(dn,password);
                final SSLUtil sslUtil = new SSLUtil(new TrustAllTrustManager());
                final LDAPConnectionOptions connectionOptions = new LDAPConnectionOptions();
                connectionOptions.setFollowReferrals(true);
                final LDAPConnection ldapConnection = new LDAPConnection(sslUtil.createSSLSocketFactory(),hostname,port);
                final BindResult bindResult = ldapConnection.bind(bindRequest);
                final ResultCode resultCode = bindResult.getResultCode();
                if(resultCode.equals(ResultCode.SUCCESS))
                {
                    System.out.println("success");
                }
            } catch (LDAPException e) {
                login_flag=false;
                e.printStackTrace();
                System.out.println("No connection was established");
            } catch(Exception e) {
                e.printStackTrace();
            } finally{
                if(login_flag){
                    ldapConnection.close();
                    System.out.println("Connection Closed successfully");

                }
            }
        }
    }).start();
}
}
Solution

  • You may have several issues with your configuration.

    xxx.x.xxx.xx:443 and int port=443 Implies you were trying to connect on port 443 which is not an acceptable port for LDAP using Microsoft Active Directory.

    Try one of the following:

    • 389 - non-secure
    • 636 - Secure
    • 3268 - non-secure
    • 3269 - Secure

    Appears you are unsure what the proper DN that should be used.

    On a DC, Executing: dsquery user -samid jim

    will reveal the DN of the user matching the sAMAccountName: "CN=Jim Willeke,CN=Users,DC=mad,DC=willeke,DC=com"

    Or you might be able to use your values for sAMAccountName@yourADDomain ([email protected])

    -jim