If you’re on ns6 your connection requires STARTTLS and user credentials.
Edit:
If you’re on ns6 your connection requires STARTTLS and user credentials.
Edit:
unfortunately not works
Please see also the link above
The connection works but I cannot browse the LDAP tree and return “No such Object” error.
It seems that LDAP tree is browsable only from localhost.
I don’t understand why I cannot browse the directory.
If I use phpLdapAdmin or I run Apache Directory Studio on locally is ok…
If from my PC launch Apache Directory Studio I cannot browse.
For this, I must to connect a web application to use LDAP and the connection not works.
Mario
libuser can access from local host only. Please try with admin or any other user account!
This is exactly your problem.
I’ve encountered this “behavior” some time ago, and I changed to the way I wanted it (read only for everybody).
I’m too lazy to investigate the consequences of this modification, but for my use cases this is “secure enough”.
click here to see the modifications I made.
@alefattorini: no, I’m not an expert in any way. Expecially with LDAP. I’ve just configured it with my mighty hammer.
Just tried…nothing to do
I created a user on top called totaladmin but nothing.
Ok not an expert but a smart guy
The request LDAP Administration tool and ldaps looks similar to your. I can’t figure out why it does not work…
Could you provide more details? Could you attach a log file or error message from the LDAP server?
Could you make an experiment from a remote host with the ldapsearch
command? Please try with
ldapsearch -b dc=directory,dc=nh -ZZ -h yourserver -D uid=admin,ou=People,dc=directory,dc=nh -W
works!
mmmmmmm…monday will try by the web app
thanks
works from a server but not from the Apache Directory Studio?
It’s very strange!!!
Failed to login from web app.
This is the slapd log:
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=2 BIND anonymous mech=implicit ssf=0
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=2 BIND dn=“uid=connuser,ou=People,dc=#####,dc=#####” method=128
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=2 BIND dn=“uid=connuser,ou=People,dc=directory,dc=nh” mech=SIMPLE ssf=0
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=2 RESULT tag=97 err=0 text=
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=3 SRCH base=“ou=People,dc=#####,dc=#####” scope=0 deref=0 filter="(objectClass=*)“
Sep 26 11:38:50 nstest slapd[3652]: conn=1190 op=3 SEARCH RESULT tag=101 err=32 nentries=0 text=
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 fd=39 ACCEPT from IP=10.0.0.111:36153 (IP=0.0.0.0:389)
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=0 BIND dn=“uid=connuser,ou=People,dc=u#####,dc=#####” method=128
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=0 BIND dn=“uid=connuser,ou=People,dc=directory,dc=nh” mech=SIMPLE ssf=0
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=0 RESULT tag=97 err=0 text=
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=1 SRCH base=“ou=People,dc=u#####,dc=#####” scope=2 deref=0 filter=”(&(objectClass=sambaSamAccount)(objectClass=shadowAccount)(objectClass=posixAccount)(objectClass=inetOrgPerson)(objectClass=person)(objectClass=top)(uid=lanno))"
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=1 SRCH attr=displayName uid employeeNumber
Sep 26 11:38:50 nstest slapd[3652]: conn=1191 op=1 SEARCH RESULT tag=101 err=32 nentries=0 text=
maybe I wrong anything
The requested fields are:
rDN Attribute = uid
User id Attribute = uid
Login Name Attribute = uid
LDAP Object Class = sambaSamAccount
Connection DN = uid=user,ou=People,dc=domain,dc=com
Users DN = ou=People,dc=domain,dc=com
Base Search Users = subtree
Group DN = ou=Groups,dc=domain,dc=com
ssf=0
means the connection is not encrypted. Can you see similar lines in the same log file when you run the ldapsearch
command above?
fd=50 TLS established tls_ssf=256 ssf=256
could I disable TLS for test?
For test, I’d rather set up a SSH tunnel for the localhost:389 endpoint
I would to test from web app…
'cos by this command (without -Z options) returns the same error
ldapsearch -b dc=domain,dc=com -h ip_hostname -D uid=lanno,ou=People,dc=domain,dc=com -W