Hi all,
I installed local LDAP on neth 7.3.1611. Added some users and did a local ldapsearch, so far all working. On another host I installed the openldap-clients and did the same search again, but without success. Shorewall is ok.
I appreciate any comment or hint, thanks in advance.
Best,
Johannes
Can you share the ldapsearch query command in use?
ldapsearch -h 123.123.123.123 -D "cn=ldapservice,dc=directory,dc=nh" -w bla -b "ou=People,dc=directory,dc=nh" sAMAccountName
the error is invalid credentials
Substitute
cn=ldapservice,...
With
uid=ldapservice,...
Also
samaccountname
With
objectclass=*
Add also -Z flag (STARTTLS)
BTW you can bind anonymously from LAN
ldapsearch -D '' -w '' -x ...
Hi,
thanks for your help!
This works:
ldapsearch -x -h myserver.com -b "" -s base "(objectclass=*)"
If I use a specific binddn it fails.
Here is the dump of the account-provider test
[root@bla ~]# account-provider-test dump
{
"BindDN" : "cn=ldapservice,dc=directory,dc=nh",
"LdapURI" : "ldap://127.0.0.1",
"StartTls" : "",
"port" : 389,
"host" : "127.0.0.1",
"isAD" : "",
"isLdap" : "1",
"UserDN" : "ou=People,dc=directory,dc=nh",
"GroupDN" : "ou=Groups,dc=directory,dc=nh",
"BindPassword" : "bla",
"BaseDN" : "dc=directory,dc=nh",
"LdapUriDn" : "ldap:///dc%3Dzoo%2Cdc%3Dhasselbit%2Cdc%3Dcom"
}
Domain Accounts says:
LDAP URI: ldap://127.0.0.1
Base DN
dc=directory,dc=nh
User DN
ou=People,dc=directory,dc=nh
Group DN
ou=Groups,dc=directory,dc=nh
Bind DN
cn=ldapservice,dc=directory,dc=nh
Bind password
bla
I thought it fails because the ldap:// protocol is bound to the localhost and therefore does not accept remote access. But with your test I have to discard my theory.
Do you see anything weird?
Thanks in advance
I switched to ldaps:// on the remote host and everything works fine. Thanks for your help
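Added example, not part of any post in this thread: a small Python check over a dump shaped like the account-provider-test output above. It flags settings under which a simple bind would cross the network unencrypted, redacts the bind password before the dump is shared, and builds a remote ldapsearch call that requires StartTLS (-ZZ) and prompts for the password (-W). The sample dump is constructed, and the function names and the server name ldap.example.org are assumptions.

```python
import json
import shlex
from urllib.parse import urlparse

# Constructed sample, modelled on the dump in the thread (values are placeholders).
SAMPLE_DUMP = json.loads("""
{
  "BindDN": "cn=ldapservice,dc=directory,dc=nh",
  "LdapURI": "ldap://127.0.0.1",
  "StartTls": "",
  "port": 389,
  "host": "127.0.0.1",
  "UserDN": "ou=People,dc=directory,dc=nh",
  "BindPassword": "bla",
  "BaseDN": "dc=directory,dc=nh"
}
""")

def audit(dump):
    """Return findings about how a simple bind with these settings is protected."""
    findings = []
    scheme = urlparse(dump.get("LdapURI", "")).scheme.lower()
    if scheme == "ldap" and not dump.get("StartTls"):
        findings.append("cleartext-bind: ldap:// without StartTLS sends BindDN and password unencrypted")
    if dump.get("host") in ("127.0.0.1", "::1", "localhost"):
        findings.append("loopback-uri: remote clients need the server address, not the dumped URI")
    if dump.get("BindPassword"):
        findings.append("secret-in-dump: redact BindPassword before posting the dump")
    return findings

def redact(dump):
    """Copy of the dump that is safe to paste into a forum post."""
    return {k: ("<redacted>" if k == "BindPassword" else v) for k, v in dump.items()}

def remote_search_argv(dump, server):
    """ldapsearch arguments for a remote client: StartTLS required (-ZZ), password prompted (-W)."""
    return ["ldapsearch", "-x", "-ZZ", "-H", f"ldap://{server}",
            "-D", dump["BindDN"], "-W", "-b", dump["UserDN"], "(objectClass=*)"]

if __name__ == "__main__":
    for line in audit(SAMPLE_DUMP):
        print(line)
    print(json.dumps(redact(SAMPLE_DUMP), indent=2))
    # ldap.example.org is a placeholder server name (assumption).
    print(shlex.join(remote_search_argv(SAMPLE_DUMP, "ldap.example.org")))
```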