关于java AD 验证错误
代码如下： 
  String host = "172.18.8.87"; // AD服务器 
String port = "389"; // 端口 
String domain = "@ceair.com"; // 邮箱的后缀名 
String url = "ldap://" + host + ":" + port; 
String user = userName.indexOf(domain) > 0 ? userName : userName + domain; 
Hashtable<String, String> env = new Hashtable<String, String>(); 
DirContext ctx = null; 
env.put(Context.SECURITY_AUTHENTICATION, "simple"); 
env.put(Context.SECURITY_PRINCIPAL, user); 
env.put(Context.SECURITY_CREDENTIALS, password); 
env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory"); 
env.put(Context.PROVIDER_URL, url); 
  ctx = new InitialDirContext(env); 
执行到 ctx = new InitialDirContext(env); 时候 报如下错误： 
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1，网上也找了，说是全是英文的，大概意思说是：SECURITY_PRINCIPAL 问题，可是我感觉没错呀，请大家给点意见！！

------解决方案--------------------
AD 没用过，期待有结