[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap-client connection to AD - LdapErr: DSID-0C090627,

To: Santosh Kumar <santosh.kb@rediffmail.com>
Subject: Re: ldap-client connection to AD - LdapErr: DSID-0C090627,
From: Michael Ströder <michael@stroeder.com>
Date: Tue, 10 Mar 2009 09:33:06 +0100
Cc: openldap-technical@openldap.org
In-reply-to: <20090310060906.38712.qmail@f4mail214.rediffmail.com>
References: <20090310060906.38712.qmail@f4mail214.rediffmail.com>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090303 SeaMonkey/1.1.15

Santosh Kumar wrote:
> Trying to query Active Directory  via command line for searching all
> Please let me know what this error refers to
> 
> ./ldapsearch  -h 10.10.10.50 -b "ou=users,DC=SFBAY,DC=tech,DC=com"  -s
> sub "objectclass=*"
> 
> text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform
> this ope
>  ration a successful bind must be completed on the connection., data 0, vece

As already said in this thread MS AD does not allow anonymous access
(except read access to some configuration data). You have to bind as a
domain user. Something like this:

> ./ldapsearch  -h 10.10.10.50 -b "ou=users,DC=SFBAY,DC=tech,DC=com" -D
"cn=myaccount,ou=users,DC=SFBAY,DC=tech,DC=com" -W -s sub "objectclass=*"

Obviously you have to know the bind-DN in advance.

>  i'm  looking to extract -b option and -D from AD

I'm not sure what you mean here.

Ciao, Michael.

References:
- ldap-client connection to AD - LdapErr: DSID-0C090627,
  - From: "Santosh Kumar" <santosh.kb@rediffmail.com>

Prev by Date: RE: ldap-client connection to AD - LdapErr: DSID-0C090627,
Next by Date: Re: ldap delete and modifying by delete problems
Index(es):
- Chronological
- Thread