Re: OpenLDAP client configuration with CentOS 5.3

[Echedey Lorenzo]

If you are using SSL I think you also need to setup the certificate the
server is using in your ldap client.

2010/3/1 Xu, Qiang (FXSGSC) <qiang...@fujixerox.com>

>  change ldap:// to ldaps:// in your command.
>
>  ------------------------------
> *From:* Cool The Breezer [mailto:techcool.ku...@yahoo.com]
> *Sent:* Monday, March 01, 2010 6:02 PM
> *To:* Xu, Qiang (FXSGSC); Echedey Lorenzo
>
> *Cc:* Jonathan Clarke; openldap-technical@openldap.org
> *Subject:* Re: OpenLDAP client configuration with CentOS 5.3
>
>  I think it uses. We use the same for Windows login.
>
>  ------------------------------
> *From:* "Xu, Qiang (FXSGSC)" <qiang...@fujixerox.com>
> *To:* Cool The Breezer <techcool.ku...@yahoo.com>; Echedey Lorenzo <
> eche...@gmail.com>
> *Cc:* Jonathan Clarke <jonat...@phillipoux.net>; "
> openldap-technical@openldap.org" <openldap-technical@openldap.org>
> *Sent:* Mon, March 1, 2010 3:16:28 PM
> *Subject:* RE: OpenLDAP client configuration with CentOS 5.3
>
> Is the server using SSL/TLS connection?
>
>  ------------------------------
> *From:* openldap-technical-bounces+qiang.xu=fujixerox....@openldap.org
> [mailto:openldap-technical-bounces+qiang.xu<openldap-technical-bounces%2Bqiang.xu>
> =fujixerox....@openldap.org] *On Behalf Of *Cool The Breezer
> *Sent:* Monday, March 01, 2010 4:56 PM
> *To:* Echedey Lorenzo
> *Cc:* Jonathan Clarke; openldap-technical@openldap.org
> *Subject:* Re: OpenLDAP client configuration with CentOS 5.3
>
>  Still no luck. It gave following errors
>
>  ldap_bind: Invalid credentials (49)
>         additional info: 80090308: LdapErr: DSID-0C090334, comment:
> AcceptSecurityContext error, data 525, vece
>
> All credentials used correctly.
> regards,
> RB
>
>  ------------------------------
> *From:* Echedey Lorenzo <eche...@gmail.com>
> *To:* Cool The Breezer <techcool.ku...@yahoo.com>
> *Cc:* Jonathan Clarke <jonat...@phillipoux.net>;
> openldap-technical@openldap.org
> *Sent:* Mon, March 1, 2010 2:14:36 PM
> *Subject:* Re: OpenLDAP client configuration with CentOS 5.3
>
> Try:
>
> ldapsearch -x -H ldap://xxx.yyy.com-D "cn=Directory Manager"
> "(objectclass=*)" -W _e3user
>
> KR
>
> 2010/3/1 Cool The Breezer <techcool.ku...@yahoo.com>
>
>> I tried as per suggestions using man page. But still getting the error
>>
>> ldapsearch -H ldap://xxx.yyy.com-D "cn=Directory Manager"
>> "(objectclass=*)" -W -X _e3user
>> Enter LDAP Password:
>> SASL/EXTERNAL authentication started
>> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
>>        additional info: SASL(-4): no mechanism available:
>>
>>
>> It now generates a new error. I tried using authconfig with --enableldap,
>>  --enablewinbind  and  --disableldaptls.
>> Still users are not able to login to linux box using LDAP credentials.
>>
>>
>>
>> ----- Original Message ----
>> From: Jonathan Clarke <jonat...@phillipoux.net>
>> To: Cool The Breezer <techcool.ku...@yahoo.com>
>> Cc: openldap-technical@openldap.org
>> Sent: Mon, March 1, 2010 1:16:32 PM
>> Subject: Re: OpenLDAP client configuration with CentOS 5.3
>>
>>  Le 01/03/2010 06:53, Cool The Breezer a écrit :
>> > Thanks for your suggestion. But still there is some problem.
>> > /ldapsearch -H ldap://ldap-sunnyvale.juniper.net -x -LL
>> > ou=people,dc=jnpr,dc=net "{mail=*norton*}" sn cn mail/
>> > /
>> > /
>> > /Output: version: 1/
>> > /
>> > /
>> > /Operations error (1)/
>> > /Additional information: 00000000: LdapErr: DSID-0C090627, comment: In
>> > order to perform this operation a successful bind must be completed on
>> > the connection., data 0, vece/
>> >
>> > Not sure the reason behind such errors. I think there is something
>> > wrong, because when I am trying to login linux box using ldap
>> > credentials, it simply closes the connection.
>>
>> As it says in this error message: "a successful bind must be completed on
>> the connection". This means you must authenticate to the LDAP server in
>> order to search in it.
>>
>> Check the -D and -w/-W options in the ldapsearch(1) man page. You'll need
>> a valid account in your LDAP server and it's password.
>>
>> Jonathan
>> -- --------------------------------------------------------------
>> Jonathan Clarke - jonat...@phillipoux.net
>> --------------------------------------------------------------
>> Ldap Synchronization Connector (LSC) - http://lsc-project.org
>> --------------------------------------------------------------
>>
>>
>>
>>
>>
>
>
> --
> --------------------------------------------
> | Echedey Lorenzo Arencibia  |
> --------------------------------------------
>
>
>


-- 
--------------------------------------------
| Echedey Lorenzo Arencibia  |
--------------------------------------------