State of Knowledge

September 2021.

Affected versions: MetaDirectory 5 Enterprise 

Observation

The MetaDirectory data source in the ProCall Enterprise client shows an "Error: Authentication method not supported" after updating the MetaDirectory server to version 5.0.13.11205.

Messages like the following can be seen in the log files of the ProCall client:

;32;mainthread-11260;ELDAPDatabaseConnection::OpenConnection;Connecting to ldap server <IP Adresse>:712...
;32;mainthread-11260;ELDAPDatabaseConnection::OpenConnection;Simple bind on LDAP server <IP Adresse>:712 failed with LDAP code 0x00000007 (Authentifizierungsmethode nicht unterstützt). MetaDirectory may refuse anonymous simple bind.
CODE
Example screenshot: ProCall Enterprise Client – Settings – Search – Data sources – Error message

The error occurs in the following configuration

  • In estos MetaDirectory Administrator, "Simple" is not configured as the authentication method under User Management with Microsoft Active Directory.
  • In estos UCServer administration, "Windows domain authentication" is configured at user login.
  • In ProCall My Computer settings on the ProCall client, the option "Use Windows login" is disabled. ProCall users enter their credentials manually.

Background

Due to a change in the MetaDirectory preferences, the default authentication method used was changed from the previous default value "Simple" to "Negotiate".
With the "Negotiate" setting, the method preferred by the LDAP server is used, which is usually NTLM.
Since this is not supported, subsequent login attempts via Distinguished Name will fail.

Solution

Switch to "Simple" authentication method in estos MetaDirectory Administrator, under "User management with Active Directory".

Sample Screenshot: MetaDirectory Administrator – User Management – User Data Source – User Management with Active Directory – Method "Simple"