[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Active Directory

Were you able to authenticate users from ADS...using OpenLDap..

Christian Pohl wrote:
Ron Wahler wrote:

I need access to Active Directory User passwords from
A remote client.  I would like to use ldapsearch has anyone

Configured a client to do that ?   what other tools do I need ?



I used this config to _change_ the password. Perhaps it works also for reading.

1. Enable SSL for ldap (Microsoft Knowledgebase Article 247078)
2. Root Certificate to openldap-tools: (openldap:.../etc/openldap/ldap.conf: TLS_CACERT /path/to/pem/ca/cert.crt)
5. connect to server here: write new password
ldapmodify -H ldaps://myadserver.company.de -D "cn=administrator,cn=users,dc=mydomain,dc=mycountry" -w -f myldif.ldif

Remark: the servername in the subject _must_ match the one used in the connect string.

247078 HOWTO: Enable Secure Socket Layer (SSL) Communication Over LDAP For Windows 2000 Domain Controllers
269190 HOWTO: Change a Windows 2000 User's Password Through LDAP

Perhaps this helps.

Kind regards,