Reputation: 23
I tried to replace our ApacheDS LDAP System with the AD LDS.
I installed and set up the basic AD LDS, created a user called "Admin" and added him to the "Reader" group. I also tried to add a password by right-clicking the user and choosing reset password, but I can't see any set password in the user.
Anyway, when I try to connect to the AD LDS instance with the bind credentials, I got the message that they are invalid. (Error 49)
Here is my user that I created:
Thanks for your help!
Edit:
Here is what I see in LDP.exe when I use the simple bind:
-----------
res = ldap_simple_bind_s(ld, '[email protected]', <unavailable>); // v.3
Error <49>: ldap_simple_bind_s() failed: Invalid Credentials
Server error: 8009030C: LdapErr: DSID-0C090439, comment: AcceptSecurityContext error, data 2030, v4563
Error 0x8009030C The logon attempt failed
Upvotes: 1
Views: 1473
Reputation: 23
Solved this, I just need to use "Admin" as the login username, without the domain etc.
Upvotes: 0
Reputation: 40858
You didn't show how you're entering the credentials or the full error message so this is a stab in the dark.
AD will never show you the password - not even the encrypted password - so that's normal.
When it comes to authenticating, AD doesn't use the full DN like other LDAP servers do. I suspect maybe that's what you're doing? You have to give it one of the two user name formats, which can be found in these attributes on the user object:
userPrincipalName attribute: this is in the format of [email protected]
sAMAccountName attribute. This is what is normally referred to when someone says "username". If you're authenticating to a different domain than the user account is on, then you must include the NetBIOS name of the domain: EXAMPLE\username. If you're authenticating to the same domain, then the domain is optional.
Upvotes: 0
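Added example (not part of either answer above and not Microsoft's code): a small Python triage helper for failed binds like the one in the question. It pulls the DSID and the hexadecimal data sub-code out of the server's LdapErr diagnostic line and labels which login-name form a bind identity is written in. The function names, the short code table and the sample bind names are assumptions made for illustration; only the diagnostic line is taken from the question.

```python
import re

# Win32 error codes that AD / AD LDS put, in hex, in the "data" field of a
# failed bind's diagnostic message (short illustrative subset).
DATA_CODES = {
    0x525: "ERROR_NO_SUCH_USER",
    0x52E: "ERROR_LOGON_FAILURE",
    0x532: "ERROR_PASSWORD_EXPIRED",
    0x533: "ERROR_ACCOUNT_DISABLED",
    0x775: "ERROR_ACCOUNT_LOCKED_OUT",
    0x2030: "ERROR_DS_NO_SUCH_OBJECT",
}

DIAG_RE = re.compile(
    r"LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), comment: (?P<comment>.*?), "
    r"data (?P<data>[0-9A-Fa-f]+), v(?P<build>[0-9A-Fa-f]+)"
)

def parse_diag(message):
    """Extract DSID, comment and decoded data code; None if no LdapErr text."""
    m = DIAG_RE.search(message)
    if m is None:
        return None
    code = int(m.group("data"), 16)  # the data field is hexadecimal
    return {"dsid": m.group("dsid"), "comment": m.group("comment"),
            "data": code, "meaning": DATA_CODES.get(code, "unknown")}

def classify_bind_name(name):
    """Label the login-name form of a bind identity string."""
    name = name.strip()
    # Test for a DN first: a DN may itself contain '\' escapes or '@'.
    if re.match(r"[A-Za-z][A-Za-z0-9-]*\s*=", name):
        return "distinguished name"
    if "\\" in name:
        return "down-level name"       # NETBIOSDOMAIN\sAMAccountName
    if "@" in name:
        return "userPrincipalName"
    return "bare name"

# The diagnostic line from the question; the bind names below are constructed.
SAMPLE = ("Server error: 8009030C: LdapErr: DSID-0C090439, comment: "
          "AcceptSecurityContext error, data 2030, v4563")

if __name__ == "__main__":
    print(parse_diag(SAMPLE))
    for n in ("admin@example.com", "EXAMPLE\\username", "Admin",
              "CN=Admin,DC=example,DC=com"):
        print(f"{n!r}: {classify_bind_name(n)}")
```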