
Re: openldap queries to w2k3 active directory fails



On Wednesday 17 January 2007 20:04, javier rojas wrote:
> Hello list,
>
> I have searched and read a lot for the past days about ldap and active
> directory, I'm trying to get them to work, but they don't seem to be
> very polite to each other....
>
> ldapsearch -v d 1 -h w2k3server -p 389 -X "admin"
>
> I get a list of stuff and at the bottom of it I get:
>
> ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
>                  additional info: SASL (-4): no mechanism avvailable
>
> What do the -6 and the -4 stand for? What am I missing?

AD is quite broken in some regards ... the easiest way to use OpenLDAP's 
ldapsearch to search AD is something like:

ldapsearch -x -D username@realm -W

So, if your AD domain is mydomain.com, and your username is fred, then you can 
simply do:

ldapsearch -x -h w2k3server -D fred@mydomain.com -W

(depending on the security policy, you may also need to use SSL)

Regards,
Buchan

-- 
Buchan Milne
ISP Systems Specialist - Monitoring/Authentication Team Leader
B.Eng,RHCE(803004789010797),LPIC-2(LPI000074592)
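Added example, not part of the original message: a small shell helper that assembles the simple-bind search suggested above, with TLS required because -x sends the password unencrypted, plus an anonymous rootDSE query for the SASL mechanisms the server offers. The function names, the base DN derived from the realm and the sAMAccountName filter are assumptions made for illustration; the host and account are the sample values from the thread.

```shell
#!/bin/sh
# Added example, not from the thread. Prints the ldapsearch commands for review
# instead of running them, so it works without a directory server.
# Error codes asked about: -6 is LDAP_AUTH_UNKNOWN (libldap) and SASL -4 is
# SASL_NOMECH (Cyrus SASL), i.e. the client found no SASL mechanism it can use.

# Turn a DNS realm (mydomain.com) into a base DN (dc=mydomain,dc=com).
realm_to_basedn() {
    printf '%s\n' "$1" | sed -e 's/\./,dc=/g' -e 's/^/dc=/'
}

# Anonymous rootDSE read: lists the SASL mechanisms the server advertises,
# to compare against the mechanisms installed on the client.
rootdse_cmd() {
    printf 'ldapsearch -x -LLL -H ldap://%s -s base -b "" supportedSASLMechanisms\n' "$1"
}

# Simple bind as user@realm. mode is "starttls" (port 389 with -ZZ, which fails
# if TLS cannot be negotiated) or "ldaps" (port 636). Anything else is refused.
simple_bind_cmd() {
    host=$1 upn=$2 mode=$3
    case $upn in
        *@*.*) ;;
        *) echo "bind name must be user@realm" >&2; return 2 ;;
    esac
    case $mode in
        starttls) uri="ldap://$host" tls=" -ZZ" ;;
        ldaps)    uri="ldaps://$host" tls="" ;;
        *) echo "refusing cleartext simple bind" >&2; return 1 ;;
    esac
    user=${upn%%@*}                        # assumed equal to sAMAccountName
    base=$(realm_to_basedn "${upn#*@}")    # assumed: base DN mirrors the realm
    printf 'ldapsearch -x%s -H %s -D %s -W -b %s "(sAMAccountName=%s)"\n' \
        "$tls" "$uri" "$upn" "$base" "$user"
}

# Demo with the thread's sample values.
rootdse_cmd w2k3server
simple_bind_cmd w2k3server fred@mydomain.com starttls
```

Both TLS modes need the client to trust the certificate presented by the domain controller, typically via TLS_CACERT in ldap.conf.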
