change ldap:// to ldaps:// in your command.

________________________________
From: Cool The Breezer [mailto:[email protected]]
Sent: Monday, March 01, 2010 6:02 PM
To: Xu, Qiang (FXSGSC); Echedey Lorenzo
Cc: Jonathan Clarke; [email protected]
Subject: Re: OpenLDAP client configuration with CentOS 5.3

I think it uses. We use the same for Windows login.

________________________________
From: "Xu, Qiang (FXSGSC)" <[email protected]>
To: Cool The Breezer <[email protected]>; Echedey Lorenzo <[email protected]>
Cc: Jonathan Clarke <[email protected]>; "[email protected]" <[email protected]>
Sent: Mon, March 1, 2010 3:16:28 PM
Subject: RE: OpenLDAP client configuration with CentOS 5.3

Is the server using SSL/TLS connection?

________________________________
From: [email protected] [mailto:[email protected]] On Behalf Of Cool The Breezer
Sent: Monday, March 01, 2010 4:56 PM
To: Echedey Lorenzo
Cc: Jonathan Clarke; [email protected]
Subject: Re: OpenLDAP client configuration with CentOS 5.3

Still no luck. It gave the following errors:

    ldap_bind: Invalid credentials (49)
        additional info: 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece

All credentials used correctly.

regards,
RB

________________________________
From: Echedey Lorenzo <[email protected]>
To: Cool The Breezer <[email protected]>
Cc: Jonathan Clarke <[email protected]>; [email protected]
Sent: Mon, March 1, 2010 2:14:36 PM
Subject: Re: OpenLDAP client configuration with CentOS 5.3

Try:

    ldapsearch -x -H ldap://xxx.yyy.com -D "cn=Directory Manager" "(objectclass=*)" -W _e3user

KR

2010/3/1 Cool The Breezer <[email protected]>

I tried as per suggestions using man page. But still getting the error

    ldapsearch -H ldap://xxx.yyy.com -D "cn=Directory Manager" "(objectclass=*)" -W -X _e3user
    Enter LDAP Password:
    SASL/EXTERNAL authentication started
    ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
        additional info: SASL(-4): no mechanism available:

It now generates a new error. I tried using authconfig with --enableldap, --enablewinbind and --disableldaptls. Still users are not able to log in to the Linux box using LDAP credentials.

----- Original Message ----
From: Jonathan Clarke <[email protected]>
To: Cool The Breezer <[email protected]>
Cc: [email protected]
Sent: Mon, March 1, 2010 1:16:32 PM
Subject: Re: OpenLDAP client configuration with CentOS 5.3

On 01/03/2010 06:53, Cool The Breezer wrote:
> Thanks for your suggestion. But still there is some problem.
>
> ldapsearch -H ldap://ldap-sunnyvale.juniper.net -x -LL ou=people,dc=jnpr,dc=net "{mail=*norton*}" sn cn mail
>
> Output: version: 1
>
> Operations error (1)
> Additional information: 00000000: LdapErr: DSID-0C090627, comment: In
> order to perform this operation a successful bind must be completed on
> the connection., data 0, vece
>
> Not sure the reason behind such errors. I think there is something
> wrong, because when I am trying to login linux box using ldap
> credentials, it simply closes the connection.

As it says in this error message: "a successful bind must be completed on the connection". This means you must authenticate to the LDAP server in order to search in it.

Check the -D and -w/-W options in the ldapsearch(1) man page. You'll need a valid account in your LDAP server and its password.

Jonathan

--
--------------------------------------------------------------
Jonathan Clarke - [email protected]
--------------------------------------------------------------
Ldap Synchronization Connector (LSC) - http://lsc-project.org
--------------------------------------------------------------

--
--------------------------------------------
| Echedey Lorenzo Arencibia |
--------------------------------------------
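
Added example (not part of the original thread, and not code from any of its participants): a small triage helper that parses the three ldapsearch error outputs quoted above and separates client-side failures, unauthenticated operations and Active Directory bind sub-codes. The function name, hint wording and sub-code table are this example's own; the table lists the commonly documented values of the AD "data" field.

```python
import re

# Hex sub-codes Active Directory puts in the "data" field of a rejected bind.
AD_BIND_DATA = {
    "525": "user not found: the bind DN/name matches no account",
    "52e": "account found, password wrong",
    "530": "logon not permitted at this time",
    "531": "logon not permitted from this workstation",
    "532": "password expired",
    "533": "account disabled",
    "701": "account expired",
    "773": "user must reset password",
    "775": "account locked out",
}

RESULT_RE = re.compile(r"^\s*(?:ldap_\w+: )?([A-Za-z ]+) \((-?\d+)\)", re.M)
DETAIL_RE = re.compile(
    r"LdapErr: (DSID-[0-9A-Fa-f]+), comment: (.*?), data ([0-9A-Fa-f]+)", re.S)


def diagnose(stderr_text):
    """Turn ldapsearch error output into a result code, AD detail and a hint."""
    result = RESULT_RE.search(stderr_text)
    detail = DETAIL_RE.search(stderr_text)
    code = int(result.group(2)) if result else None
    out = {"ldap_result": code, "dsid": None, "data": None, "hint": "unclassified"}
    if detail:
        out["dsid"], out["data"] = detail.group(1), detail.group(3).lower()
    if code is not None and code < 0:
        # Negative codes come from the client library, not from the server.
        out["hint"] = "client-side libldap error, raised before any server verdict"
    elif code == 49 and detail:
        out["hint"] = AD_BIND_DATA.get(out["data"], "unrecognised bind sub-code")
    elif (code == 1 and detail and "successful bind must be completed"
          in " ".join(detail.group(2).split())):
        out["hint"] = "operation sent without an authenticated bind"
    return out


# The three error outputs quoted in the thread.
SAMPLES = {
    "bind": "ldap_bind: Invalid credentials (49)\n\tadditional info: 80090308: "
            "LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 525, vece",
    "search": "Operations error (1)\nAdditional information: 00000000: LdapErr: "
              "DSID-0C090627, comment: In\norder to perform this operation a successful "
              "bind must be completed on\nthe connection., data 0, vece",
    "sasl": "SASL/EXTERNAL authentication started\nldap_sasl_interactive_bind_s: Unknown "
            "authentication method (-6)\n\tadditional info: SASL(-4): no mechanism available:",
}
```

Calling diagnose() on each entry of SAMPLES gives one hint per error, which makes it easier to tell a rejected account from a request that never reached an authenticated state.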
