[Solved] How to remotely test user login

NethServer Version: NS7
Module: active directory

Hello again. Is there a way to remotely test a user login / password against Neth DC by using either
ldapwhoami
or
ldapsearch?
I have tried the following:
ldapsearch -vvv -x -h "X.X.X.X" -p 389 -b "dc=ad,dc=test,dc=com" -s sub '(samaccountname=mike)' -W
ldap_initialize( ldap://X.X.X.X:389 )
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

ldapsearch -vvv -x -D "CN=mike,CN=Users,DC=ad,DC=test,DC=com" -h "X.X.X.X" -W
ldap_initialize( ldap://X.X.X.X )
Enter LDAP Password:
ldap_bind: Strong(er) authentication required (8)
additional info: BindSimple: Transport encryption required.

ldapwhoami -vvv -H ldaps://X.X.X.X:636 -D "CN=mike,CN=Users,DC=ad,DC=test,DC=com" -x -w password
ldap_initialize( ldaps://X.X.X.X:636/??base )
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

I have tried this script:
#!/usr/bin/expect -f
#!/bin/bash
spawn sftp mike@X.X.X.X
match_max 10000
expect "*?assword: "
send -- "password\r"
expect "sftp> "
send -- "exit\r"
expect eof
done
echo $?

I just need a value returned to me, either 0 or 1. Any ideas?

I did get the net ads info before starting…
]# net ads info
LDAP server: X.X.X.X
LDAP server name: nsdc-adtest.ad.test.com
Realm: AD.TEST.COM
Bind Path: dc=AD,dc=TEST,dc=COM
LDAP port: 389
Server time: Thu, 04 Apr 2019 14:07:14 EDT
KDC server: X.X.X.X
Server time offset: 0

Thank you for any help.

Found a way to do this; hopefully it helps someone.
On the remote system used to test authentication:
Install krb5-user and ldb-tools.
Put in the info for the Kerberos domain and the IP of the authenticating server in debconf (Ubuntu; I have not tested on CentOS, but it should be the same). After krb5.conf is created you can run:
ldbsearch -H ldap://"serverip" -U "user" -b "dc=ad,dc=test,dc=com" -s sub "(samaccountname)"
After that, whether the password is correct or bad, you can run
echo $?
which should yield a 0 or 1 value that can be used to allow access to web or whatever you need on the system.
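
The three failed attempts in the question fail for different reasons, and only the first is a verdict on the credentials. The sketch below is an added example, not code from either post: it separates "credentials rejected" from "no verdict" so that a gate built on the exit status fails closed. The function names, the choice of `ldapwhoami` with StartTLS, and every `data` sub-code other than `52e` (the only one shown in the thread) are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Maps the result of an OpenLDAP client
# bind attempt to: 0 = accepted, 1 = credentials rejected, 2 = no verdict
# (transport or connection problem). Callers should treat non-zero as deny.
classify_bind() {
    # $1 = exit status of the LDAP tool, $2 = its captured stderr
    [ "$1" -eq 0 ] && { echo "accepted"; return 0; }
    case "$2" in
        # "data NNN" sub-codes follow the AD convention; only 52e is on the page.
        *"data 52e"*) echo "rejected: wrong user name or password"; return 1 ;;
        *"data 525"*) echo "rejected: user not found"; return 1 ;;
        *"data 533"*) echo "rejected: account disabled"; return 1 ;;
        *"data 775"*) echo "rejected: account locked out"; return 1 ;;
        *"Invalid credentials (49)"*)
            echo "rejected: invalid credentials"; return 1 ;;
        *"Strong(er) authentication required (8)"*)
            echo "no verdict: server refuses simple bind without TLS"; return 2 ;;
        *"contact LDAP server"*)
            echo "no verdict: server unreachable or TLS setup failed"; return 2 ;;
        *) echo "no verdict: unrecognised error"; return 2 ;;
    esac
}

# check_login URI BIND_DN PASSWORD_FILE   (hypothetical helper)
# Assumptions: the DC offers StartTLS on the LDAP port and the client trusts
# its CA. -ZZ makes StartTLS mandatory; -y reads the password from a file
# (no trailing newline) so it does not show up in the process list.
check_login() {
    err=$(ldapwhoami -x -ZZ -H "$1" -D "$2" -y "$3" 2>&1 >/dev/null)
    classify_bind "$?" "$err"
}
```

Called as `check_login ldap://X.X.X.X "CN=mike,CN=Users,DC=ad,DC=test,DC=com" /path/to/pwfile`, it prints the reason and leaves the verdict in `$?`.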