[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How to configure OpenLdap Client to work with Windows Active Directory

On Wed, Jun 29, 2011 at 05:41:26PM -0700, yen nguyen wrote:

> Can ldapsearch work with Windows AD via GSSAPI? Is there any special setting/
> software I need to do on the client side?

GSSAPI is normally a carrier for Kerberos tickets, so for this
to work you will need to obtain a valid ticket for the AD
service. This will involve connecting your client system to the
Kerberos domain managed by the AD system.

> On my Client system, I have Windows openldap client tools (ldapsearch ....etc).
> My Server system has Windows AD running.
> I was able to use Simple Authentication and it worked.
> ldapsearch.exe -H ldap://MPSD-EB01T3/ -b "dc=test,dc=com"  -x

Without the -D and -w (or -W) options, this is just anonymous
(un-authenticated) access.

You can certainly use the OpenLDAP client tools with AD using
simple authentication. The main problem is to find out what the DN of
your AD account actually is.

|                 From Andrew Findlay, Skills 1st Ltd                 |
| Consultant in large-scale systems, networks, and directory services |
|     http://www.skills-1st.co.uk/                +44 1628 782565     |