[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLdap Proxy with CentOS 6.3

To: openldap-technical@openldap.org
Subject: Re: OpenLdap Proxy with CentOS 6.3
From: Guillaume Rousse <guillomovitch@gmail.com>
Date: Mon, 10 Sep 2012 10:35:50 +0200
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; bh=eBH35kQ8uxxPgtPHWpMPuaoru/ML3bAwialq+AOBdPg=; b=tTCnJZxXixwWCfhOKq32V3rvh0hs0xSiB/v3NaQH/bindg9RWjo5QejwjQGLi+qL9i uYKpdPAbYizgg6Ii6Gw4MFlXTmnPwKZuYx+PXeU48eQjei3JgrkqQ7RSuY2Gzt9CfLXy B+eH+8i+P455s3J8wTOGWc9onzZrsU2kOyLhzsM7kFAbTUa9QPOZ8TCsWYG4X/38Zuyp AWD3XcnYNQIUB7f5SXv+fCZO6/vhwF/49xJ690Ei2Epfr9C3oKcc5J4GDM89jZXFKVsy RsF96tKLz4CL7bJQnDx/VWpK9l5eEXql3/119GaPAWMuTTUB5FlyEsFJuxa8cQMBOu7i 3kog==
In-reply-to: <1347237522.2455.YahooMailNeo@web140301.mail.bf1.yahoo.com>
References: <1347237522.2455.YahooMailNeo@web140301.mail.bf1.yahoo.com>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120909 Thunderbird/15.0.1

Le 10/09/2012 02:38, GERF a écrit :

Hello all,

I have been working with this project for a straight two weeks and i
feel lost or stuck.

The goal is to query Windows AD from the linux box located in the DMZ

So, in my virtual lab I have the following:

Windows AD with ip  172.16.5.16 ldap1.gerf02.local
CentOS 6.3 with ip 172.16.5.32 upildap01.gerf02.local

So, my configuration files are as follows:

-*-*-*-*-*-*-*-*-*/etc/openldap/ldap.conf:-*-*-*-*-*-*-*-*-*-*

BASE dc=gerf02,dc=local
URI     ldap://172.16.5.16 ldap://172.16.5.16:636

The second URL seems invalid, unless you managed to make your serverreply without SSL on port 636


[..]

So, when I execute the following, I get this message

ldapsearch -x -b dc=gerf02,dc=local -D cn=Ldap Bind
Account,dc=gerf02,dc=local -W
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
         additional info: 80090308: LdapErr: DSID-0C0903A9, comment:
AcceptSecurityContext error, data 52e, v1db1

Which seems to be a valid AD answer. Did you managed to successfulyexecute the same query against AD directly ?


You should also quote the -D argument value, as it contains spaces...

--
BOFH excuse #367:

Webmasters kidnapped by evil cult.

Follow-Ups:
- Re: OpenLdap Proxy with CentOS 6.3
  - From: GERF <grosero0727@yahoo.com>

References:
- OpenLdap Proxy with CentOS 6.3
  - From: GERF <grosero0727@yahoo.com>

Prev by Date: Object class violation/assertion when adding dynamic chaining configuration
Next by Date: Failing syncrepl connections because of an older contextCSN on the master
Index(es):
- Chronological
- Thread