Re: Problems access MS Active Directory from OpenLDAP 2.1.2

[Anthony Brock <abrock@georgefox.edu>]

The -x option is incompatible with Kerberos authentication. So, when 
attempted, I see the following:

# ldapsearch -x -I -H ldap://exsrv.test1.georgefox.com/ -b 
"dc=test1,dc=georgefox,dc=com" objectclass=user
ldapsearch: incompatible previous authentication choice
#

Tony

At 12:02 AM 7/10/2002 -0700, dumber@dumber.sk wrote:
> On Tue, Jul 09, 2002 at 04:01:12PM -0700, Anthony Brock wrote:
> >> I am attempting to bind against a Windows 2K server using OpenLDAP
> >2.1.2.
> >> However, I am encountering the following problem:
> >>
> >> # kinit UnixAdmin
> >> Password for UnixAdmin@TEST1.GEORGEFOX.COM:
> >> # klist
> >> Ticket cache: FILE:/tmp/krb5cc_0
> >> Default principal: UnixAdmin@TEST1.GEORGEFOX.COM
> >>
> >> Valid starting     Expires            Service principal
> >> 07/09/02 15:56:53  07/10/02
> >> 01:56:53  krbtgt/TEST1.GEORGEFOX.COM@TEST1.GEORGEFOX.COM
> >> # ldapsearch -I -H ldap://exsrv.test1.georgefox.com/ -b
> >> "dc=test1,dc=georgefox,dc=com" objectclass=user
> >> SASL/GSSAPI authentication started
> >> SASL Interaction
> >> Please enter your authorization name: UnixAdmin
> >> ldap_sasl_interactive_bind_s: Local error (82)
> >> #
> >>
>
> Try ldapsearch -x

******************************************************************************
* Anthony Brock                                         abrock@georgefox.edu *
* Director of Network Services                         George Fox University *
******************************************************************************