[Date Prev][Date Next] [Chronological] [Thread] [Top]

Strange results with ldapsearch and Active Directory


I have been trying to use ldapsearch to query Active Directory, however I am getting some strange results. I use the following command:

ldapsearch -H ldap://whatever.analog.com/ -x -b "" -s base -LLL supportedSASLMechanisms

and get the following results

supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-MD5

with the following results I am pretty sure that SASL with DIGEST-MD5 will enable be to authorize my self using my account password, so I have tried the following and failed:

ldapsearch -H ldaps://whatever.analog.com/ -b "" -s base -D "CN=Niall Gallagher,CN=Users,DN=whatever,DN=analog,DN=com"

I get the following prompt

SASL/DIGEST-MD5 authentication started
Please enter your password:

However, when I enter my password I get an error telling me that I have not got the correct credentials.

ldap_sasl_interactive_bind_s: Invalid credentials
additional info: 8009030C: LdapErr: DSID-0C090419, comment: AcceptSecurityContext error, data 0, vece

What I find strange is that when I use the -x flag ldapsearch spits out alot of information without even asking for a password. Can anyone tell me what could be wrong here?