[Date Prev][Date Next] [Chronological] [Thread] [Top]

Strange results with ldapsearch and Active Directory

To: openldap-software@OpenLDAP.org
Subject: Strange results with ldapsearch and Active Directory
From: Niall Gallagher <niall.gallagher@analog.com>
Date: Tue, 02 Mar 2004 12:37:45 +0000
User-agent: Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.5) Gecko/20031016

Hi,

I have been trying to use ldapsearch to query Active Directory, however I am getting some strange results. I use the following command:

ldapsearch -H ldap://whatever.analog.com/ -x -b "" -s base -LLL supportedSASLMechanisms

and get the following results

supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-MD5

with the following results I am pretty sure that SASL with DIGEST-MD5 will enable be to authorize my self using my account password, so I have tried the following and failed:

ldapsearch -H ldaps://whatever.analog.com/ -b "" -s base -D "CN=Niall Gallagher,CN=Users,DN=whatever,DN=analog,DN=com"

I get the following prompt

SASL/DIGEST-MD5 authentication started
Please enter your password:

However, when I enter my password I get an error telling me that I have not got the correct credentials.

ldap_sasl_interactive_bind_s: Invalid credentials additional info: 8009030C: LdapErr: DSID-0C090419, comment: AcceptSecurityContext error, data 0, vece

What I find strange is that when I use the -x flag ldapsearch spits out alot of information without even asking for a password. Can anyone tell me what could be wrong here?

Thanks,
Niall

Prev by Date: LDAP (implementation specific) error (80)
Next by Date: Re: help, openldap-2.1.xx, host attribute - I try, try, try....and nothing :(
Index(es):
- Chronological
- Thread