Video Screencast Help

Unable to authenticate user - ldap operation result: 49, Invalid credentials

Created: 20 Nov 2012 | 2 comments

We are currently deploying Symantec PGP WDE here at work.  We have successfully installed and enrolled nearly 200 clients now with very little issue.  However, we are running into this scenario with one of our users.  He is currently the only user at the facility with this problem - we have had nearly half a dozen other users enroll without this issue.  PGP Desktop is installed via the client downloaded from the server and installed using the following switches -

msiexec /i  c:\PGPDesktop32.msi  PGP_INSTALL_DISABLESSOENROLL=0 /quiet /norestart

Upon reboot, the following entries are made in the server logs after attempting to launch PGP Desktop -

ldap operation result: 49, Invalid credentials

failed authentication for internal PGP Desktop user XXXXX from [XXX.XX.XX.XXX]

client request <AuthenticateInternalPassphrase> returning fault -11286 (authorization failed for this operation)

We have since tried installing without switches to disable the auto-enroll, but even when typing in the user's credentials manually, he won't authenticate and the same messages are logged.

Any idea what would make this one user account hang on this?  Multiple other divisions communicating with the same server have not had this happen to anyone.  Any insight you could provide would be appreciated.

Comments 2 CommentsJump to latest comment

Brian_Ch's picture

That error is server authorization failed. Check the users credentials in AD. Make sure his account isn't expired. Also make sure that there are no other users in AD that have the same username or credentials that have been expired. If these don't work then create a new user account in AD and new password and try it again. You might also check the base DN settings in your Directory Synchronization to verify it can find that user in the location it's searching. User might be outside of the base DN that you have set to search.


PGP_Ben's picture

Did the post from Brian solve your problem?

If/when you consider your issue resolved, please click Mark As Solution on the most helpful response.