On 02/09/2016 02:22 PM, Michael Wandel wrote:
On 09.02.2016 10:28, Frank Thommen wrote:Hi, BINDDN in ~/.ldaprc seems to be ignored or I'm doing something wrong. /etc/openldap/ldap.conf is empty. ~/.ldaprc is: $ cat ~/.ldaprc BINDDN <myBindDN> BASE <myBaseDN> URI ldaps://<myLDAPServer> TLS_REQCERT never $ ldapsearch returns an error if I don't declare the bindDN on the commandline: $ ldapsearch -W -v cn=xyz ldap_initialize( <DEFAULT> ) Enter LDAP Password: SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (No Kerberos credentials available) $can you please check if ldapsearch -x -W -v cn=xyz is working ?
That works fine f.
best regards michaelUsing strace I can see, that ~/.ldaprc is accessed by ldapsearch. So either BINDDN is ignored or I am doing something wrong. but works happily with the bindDN on the commandline: $ ldapsearch -D <myBindDN> -W -v cn=xyz ldap_initialize( <DEFAULT> ) Enter LDAP Password: [... ldapsearch results ...] $ Using strace I can see, that ~/.ldaprc is accessed by ldapsearch. So either BINDDN is ignored or I am doing something wrong. This is with openSUSE 13.1 and ldapsearch 2.4.33. Cheers Frank
--
Frank Thommen | HD-HuB / DKFZ Heidelberg
| f.thommen@dkfz-heidelberg.de
| TP3: +49-6221-42-3562 (Mo+Di)
| IPMB: +49-6221-54-5823 (Mi-Do)