Skip To Content

Sign In
  
Print Help
Favorites Show Menu  |
My Teams Show Menu   		Guest
 
Search
Advanced
   
  Search Show Menu
Find
People
Places
Tags
Go to the workspace belonging to Guest  Guest Workspace   About Kablink Teaming
Skip Navigation Links
  • Show/Hide Tree BranchWorkspaces
  • //
  • Show/Hide Tree BranchGlobal workspaces
  • //
  • Show/Hide Tree BranchiFolder Community
  • //
  • Show/Hide Tree Branch(iFolder) Discussions
  • //
  • (iFolder) Customizing, Configuring and Installing
  • //
  • Active Directory
  • //
  • Re: Active Directory
  • //
Hide Sidebar
Please Sign In

Recent Places
Workspace
Show/Hide Tree Branch(iFolder) Discussions
Personal Preferences
Print   Help   
Gray star Gray star Gray star Gray star Gray star (--not rated--)
   2 replies
Thumbnail Image

Gary D Knue
Oct 8, 2009 4:55 PM

Thanks for the quick response.  I checked the simias.config file and NamingAtrribute is set to CN but I'm having trouble getting the syntax correct for the ldapsearch command.  I apologize but I'm new to Linux and have never run this command before.  I keep getting the following error:

 

ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
Attachments:  
Replies
Thumbnail Image

Mahabalesh Asundi
Oct 8, 2009 10:01 PM
20.3.1.1. Re: Re: Re: Active Directory


ldapsearch -x -Z  -H  ldap://<IP>:389 -D "AD Admin DN"  -W -b "users/admin Search context"

Examples:

ldapsearch -x -Z  -H  ldap://xxx.xxx.xxx.xxx:389  -D "CN=Administrator, cn=Users, dc=xyz,dc=com"  -W -b " cn=Users, dc=xyz,dc=com"

or if you have configured certificate as mentioned previously attached document and AD is running in SSL mode you can try,

ldapsearch -x -Z  -H  ldaps://xxx.xxx.xxx.xxx:636  -D "CN=Administrator, cn=Users, dc=xyz,dc=com"  -W -b " cn=Users, dc=xyz,dc=com"

 
Attachments:  
Thumbnail Image

Gary D Knue
Oct 9, 2009 2:28 PM
20.3.1.1.1. Re: Re: Re: Re: Active Directory

Thank you again.  I finally got the ldapsearch command to run per your examples.  I do get the following error before it asks for the LDAP password: ldap_start_tls: Server is unavailable (52), but the command does run.  I limited the search to just the ifolderadmin account I'm trying to use.  I've attached the results.  In your next step you ask me to check for multiple users with the same login attribute value.  Before I enabled LDAP I was able to get into the administrative web interface and I created a user (gknue) and used this as a test account.  I was able to login into the user web interface and also connect a windows xp client.  Could this account be causing me problems?  If so, I'm not sure how to get rid of it since I can't get into the admin interface.  I did change the INFO string to DEBUG in Simias.log4net file and restarted apache but I don't see any erros in the simias.log except when I try to login as gknue and then I get the following error:

 

2009-10-09 17:57:23,245 [-1444026032] ERROR Simias.ADLdapProvider.User - LdapError:80090308: LdapErr: DSID-0C0903AA, comment: AcceptSecurityContext error, data 525, v1771
2009-10-09 17:57:23,245 [-1444026032] ERROR Simias.ADLdapProvider.User - Error:Invalid Credentials
2009-10-09 17:57:23,245 [-1444026032] ERROR Simias.ADLdapProvider.User - DN:gknue  

 

I'm sorry to be so ignorant on this but your help is greatly appreciated. 
Attachments:  
ldapsearch.txt
ldapsearch.txt [VIEW] Oct 9, 2009 2:28 PM 2 KB Gary D Knue
Add/Delete Tags
Personal Tags
--none--
Add
Community Tags
--none--
Close
Skip Footer Toolbar
Entry Permalink