[Date Prev][Date Next] [Chronological] [Thread] [Top]

Fw: LDAP/SASL problems




Hi,

Thanks

Is Possible to  create active directory schema manually in openLDAP...?

Regards
Support Team.

----- Forwarded by Krishnamoorthi Gopal/Chennai/Vernalis/IN on 06/20/2013 09:20 PM -----
From: Vishesh kumar <linuxtovishesh@gmail.com>
To: Krishnamoorthi Gopal <krishnamoorthi@vernal.is>
Cc: Ricardo Sant Ana <ricksant2003@gmail.com>, openldap-technical-bounces@openldap.org, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Date: 06/20/2013 09:18 PM
Subject: Re: LDAP/SASL problems





As per understanding, AD use different schema so OpenLDAP replication will not work.

Thanks
Vishesh Kumar
http://www.linuxmantra.com/


On Tue, Jun 11, 2013 at 7:40 PM, Krishnamoorthi Gopal <krishnamoorthi@vernal.is> wrote:

Hi Ricardo,


Is possible to replicate Active directory  users into OpenLDAP server.


Can you confirm.


Regards
Support Team.


From: Ricardo Sant Ana <ricksant2003@gmail.com>
To: openldap-technical@openldap.org
Date: 06/11/2013 07:36 PM
Subject: LDAP/SASL problems







Hello All

I am instaling an OpenLDAP server (Ubuntu Precise) on a local network (Ip 10.67.123.146). I installed using :

apt-get install slapd ldap-utils

later, I used slapcat to insert data from a teste.ldif file.

So, the problem:
from local machine I used
ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"
and it works properly.

But from a remote host:
ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"

returns:
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)

So, from a remote host, I had to add -x option:
ldapsearch -x -D "cn=admin,dc=eb,dc=mil,dc=br" -w sped -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)"

and it works again. So, after some google, it seems I need to configure/install SASL support; How do I do that ?

thanks in advance
Ricardo Sant'Ana



VERNALIS SYSTEMS EMAIL NOTICE
-----------------------------
The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.




--
http://linuxmantra.com

VERNALIS SYSTEMS EMAIL NOTICE
-----------------------------
The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.