radiatejava wrote:
Thanks Michael for the response. Would you mind sharing the exact
syntax (I am having Win 2008 server) and getting these errors:
ldapsearch -H ldap://10.77.125.83 -s sub -b "dc=agentdev,dc=com" -D
sburnwal@agentdev.com -Y DIGEST-MD5 "(cn=iqsyed)"
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: 80090303: LdapErr: DSID-0C0904BE, comment: The
digest-uri does not match any LDAP SPN's registered for this server.,
data 0, v1db1
ldapsearch -h 10.77.125.83 -p 389 -D
"CN=sburnwal,CN=Users,DC=agentdev,DC=com" -W -s sub -b
"dc=agentdev,dc=com" -Y DIGEST-MD5 "(cn=iqsyed)"
Enter LDAP Password:
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: 80090303: LdapErr: DSID-0C0904BE, comment: The
digest-uri does not match any LDAP SPN's registered for this server.,
data 0, v1db1
The option -D is for LDAP simple bind only.Use -X <authzid> as noted in the man-page for ldapsearch. Use the value in attribute SAM-Account-Name (LDAP attribute name 'sAMAccountName') for <authzid>.
Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature