[Date Prev][Date Next]
RE: Getting output from proxied Active Directory connection
> Subject: Getting output from proxied Active Directory connection
After all that, I try the same thing again today, and it works first
However, I seem to be having problems with the idassert section.
When I do an ldapsearch, if I specify a username and password on the
command line, it works, but doesn't use the idassert details.
If I just do:
ldapsearch -x -b "cn=Chris Clemson,ou=users,ou=SITE,ou=Corp,ou=Service
"48 Inappropriate authentication"
If I do:
ldapsearch -b "cn=Chris Clemson,ou=users,ou=SITE,ou=Corp,ou=Service
SASL/OTP authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no OTP secret in
Basically I'm trying to give read only access to anonymous clients.
According to something I've read, I need to use idassert-authzFrom too,
but surely I don't need this if I want to allow anonymous connections?
Any idea what I'm missing?
Below is my config:
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include /etc/openldap/schema/inetorgperson.schema
> include /etc/openldap/schema/MSOutlook.schema
> <- custom one I
> found on for other attributes
> pidfile /var/openldap/run/slapd.pid
> argsfile /var/openldap/run/slapd.args
> Moduleload back_ldap.la
> access to * by * read
> database ldap
> uri ldap://LOCALDC
> suffix "dc=emea,dc=corp,dc=local"
> binddn="cn=OpenLDAP Access