lists.arthurdejong.org

RE: [nssldap] pam_ldap and nss_ldap can't connect to LDAP server(s)


Thanks Andreas,

Yes, searching with ldapsearch works on AD when I bind with "-D 
cn=valid,cd=distinguished,cn=name -W", generally ldapsearch (and other command 
line tools and Softerra LDAP Administrator) works. pam_ldap isn't connecting.

Regards,

Aaron Hicks

> -----Original Message-----
> From: Andreas Moroder [andreas.moroder [at] sb-brixen.it]
> Sent: Thursday, 25 June 2009 6:03 p.m.
> To: Aaron Hicks
> Subject: Re: [nssldap] pam_ldap and nss_ldap can't connect to LDAP
> server(s)
>
> Aaron Hicks schrieb:
> > Hello the list,
> >
> > I've been trying to authenticate Linux logins with Ubuntu and CentOS
> > using LDAP against our Novell eDirectory or our Active Directory.
> > CentOS is more important to us as it's the distribution used in some of our
> > pre-packaged server installs.
> >
> > The packages openldap_clients and nss-ldap (for CentOS) are installed
> > and up to date (using yum).
> >
> > The configuration on /etc/openldap/ldap.conf works and I can use
> > ldapsearch to bind and search our directories freely from the command
> > line.
> >
> > /etc/openldap/ldap.conf
> > URI ldap://ldap.our.long.domain.co.nz
> > BASE dc=our,dc=long,dc=domain,dc=co,dc=nz
> > TLS_REQCERT never
> >
> > When you do:
> >
> > ldapsearch -x ""
> >
> > The LDAP server (A Windows Server 2003 Domain Controller) responds
> > with:
> >
> > # extended LDIF
> > #
> > # LDAPv3
> > # base <dc=our,dc=long,dc=domain,dc=co,dc=nz> (default) with scope subtree
> > # filter: (objectclass=*)
> > # requesting:
> > #
> >
> > # search result
> > search: 2
> > result: 1 Operations error
> > text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this ope
> >  ration a successful bind must be completed on the connection., data 0, vece
> >
> > # numResponses: 1
> >
> Hello Aaron,
>
> I am not an expert, but AFAIK AD does not allow searches without login.
>
> http://support.microsoft.com/?scid=kb%3Ben-us%3B326690&x=1&y=11
>
> Bye
> Andreas

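
Added example, not part of the original thread or of nss_ldap/pam_ldap: a small Python parser for the ldapsearch result quoted above. It unfolds the LDIF continuation line (the " ration ..." line that starts with a space) and reports when the server refused the search because no bind had been completed. The function names and the diagnosis strings are this example's own; the sample is reconstructed from the quoted output.

```python
import re

# Constructed sample: the `ldapsearch -x ""` output quoted in the thread,
# with the mail client's quote wrapping undone and the header comments trimmed.
SAMPLE = """\
# search result
search: 2
result: 1 Operations error
text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this ope
 ration a successful bind must be completed on the connection., data 0, vece

# numResponses: 1
"""

def unfold(ldif):
    """Join LDIF continuation lines (a line that starts with one space)."""
    lines = []
    for raw in ldif.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    return lines

def parse_result(ldif):
    """Return (code, name, text) from the search result block."""
    code, name, text = None, "", ""
    for line in unfold(ldif):
        m = re.match(r"result:\s*(\d+)\s*(.*)", line)
        if m:
            code, name = int(m.group(1)), m.group(2).strip()
        elif line.startswith("text:"):
            text = line[len("text:"):].strip()
    return code, name, text

def diagnose(ldif):
    """Classify the outcome; the messages are this example's own wording."""
    code, name, text = parse_result(ldif)
    if code is None:
        return "no result line found"
    if code == 0:
        return "search succeeded"
    if code == 1 and "successful bind must be completed" in text:
        return "bind required: server refused a search on an unauthenticated connection"
    return f"failed: {code} {name}"

if __name__ == "__main__":
    print(diagnose(SAMPLE))
```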