A few weeks ago I switched our authentication method from AD to LDAP, and everything for the most part has been working without any issues. Today a user tried signing in and was denied access because of an unexpected AD error code. The complete error reads as follows:

Bind failed to user DN "CN=XXX,OU=XXX,OU=XXX,DC=test,DC=net" AD code=1329: Unexpected AD error code

After looking into error code 1329, I found that it's related to the Logon Workstations restriction. This particular user is only allowed to log on to a few machines.

My question is: why is LDAP treated differently than AD auth? Is this expected behavior, or is this a problem between the IVE and domain controllers? If I remove the logon workstations restrictions, then the LDAP auth works just fine. Is the AD auth doing something different that allows the login as opposed to LDAP? I don't want to add the domain controllers to the list of workstations that this user can log on to.

Any suggestions? Thanks!
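An added example, not part of the original post and not vendor code: a small Python triage helper that reads bind-failure lines in the format quoted above, decodes the AD code, and separates policy denials such as 1329 from bad-credential failures. It goes beyond the post by also accepting the hexadecimal `data NNN` form that AD uses in its own LDAP bind diagnostic (0x531 = 1329); the category names and every sample line except the first are constructed for illustration.

```python
import re
from collections import Counter

# Win32 logon error codes AD returns as the sub-status of a failed LDAP bind.
# The category labels are this example's own grouping, not an AD concept.
AD_LOGON_ERRORS = {
    1326: ("ERROR_LOGON_FAILURE", "credential"),
    1327: ("ERROR_ACCOUNT_RESTRICTION", "policy"),
    1328: ("ERROR_INVALID_LOGON_HOURS", "policy"),
    1329: ("ERROR_INVALID_WORKSTATION", "policy"),
    1330: ("ERROR_PASSWORD_EXPIRED", "account-state"),
    1331: ("ERROR_ACCOUNT_DISABLED", "account-state"),
    1793: ("ERROR_ACCOUNT_EXPIRED", "account-state"),
    1909: ("ERROR_ACCOUNT_LOCKED_OUT", "account-state"),
}

DN_RE = re.compile(r'user DN "([^"]+)"')
DEC_RE = re.compile(r"AD code=(\d+)")            # decimal form, as in the post
HEX_RE = re.compile(r"\bdata ([0-9a-fA-F]+)\b")  # hex form in AD's LDAP diagnostic

def parse_bind_failure(line):
    """Return dn/code/name/category for a bind-failure line, or None."""
    dec, hexa = DEC_RE.search(line), HEX_RE.search(line)
    if dec:
        code = int(dec.group(1))
    elif hexa:
        code = int(hexa.group(1), 16)
    else:
        return None
    dn = DN_RE.search(line)
    name, category = AD_LOGON_ERRORS.get(code, ("UNKNOWN", "unknown"))
    return {"dn": dn.group(1) if dn else None, "code": code,
            "name": name, "category": category}

def triage(lines):
    """Count failures per category so policy denials are not read as bad passwords."""
    records = [r for r in map(parse_bind_failure, lines) if r]
    return records, Counter(r["category"] for r in records)

# First line is the error quoted in the post; the rest are constructed samples.
SAMPLE_LOG = [
    'Bind failed to user DN "CN=XXX,OU=XXX,OU=XXX,DC=test,DC=net" AD code=1329: Unexpected AD error code',
    'Bind failed to user DN "CN=YYY,OU=XXX,DC=test,DC=net" AcceptSecurityContext error, data 531',
    'Bind failed to user DN "CN=ZZZ,OU=XXX,DC=test,DC=net" AD code=1326: Unexpected AD error code',
    "Login succeeded for user AAA",
]

if __name__ == "__main__":
    print(triage(SAMPLE_LOG)[1])
```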