Jules Houantonon
2016-Jul-25 20:34 UTC
[Samba] Unable to execute ldapsearch on samba4 installed in Active Directory mode
Dear all, i install samba-sernet-ad 4.2 on a Centos 7.2 Linux. I also install phpldapadmin to connect to the domain with the Administrator distinguished name.>From phpldapadmin, i am able to connect as anonymous, but when i try toprovide Administrator Distinguished name and password, authentication failed. I received this error : stronger authentication required (8) for user. I then try to use ldapsearch, but i still not success to have great result. $ldapsearch -xLLL -H ldap://localhost:389 -D "cn=Administrator,dc=HPRS,dc=local" -W -b "dc=lab,dc=local" after entering the password, it display the same message while using phpldapadmin out : Stronger authentication required Additional info : BindSimple : Transportencryption required When i replace ldap by ldaps and 389 by 636 , i get : ldap_sasl_bind(Simple) : Cannot contact ldap server (-1) Can anyone help me please ? Thank you for your support Regards -- Jules HOUANTONON *Phone* : (00229) 97578914 *Email *: juleshoueto at gmail.com *Skype* : houantonon *linkedin* : www.linkedin.com/in/jhouantonon/en
Stefan Kania
2016-Jul-25 20:57 UTC
[Samba] Unable to execute ldapsearch on samba4 installed in Active Directory mode
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 you can't use simple bind with Samba 4 AD. You need kerberos for authentication. you can add: ldap server require strong auth = no to your smb.conf of your ADDC to get it work with administrator as login credential. Am 25.07.2016 um 22:34 schrieb Jules Houantonon:> Dear all, > > i install samba-sernet-ad 4.2 on a Centos 7.2 Linux. > > I also install phpldapadmin to connect to the domain with the > Administrator distinguished name. > > From phpldapadmin, i am able to connect as anonymous, but when i > try to provide Administrator Distinguished name and password, > authentication failed. > > I received this error : stronger authentication required (8) for > user. > > I then try to use ldapsearch, but i still not success to have great > result. > > $ldapsearch -xLLL -H ldap://localhost:389 -D > "cn=Administrator,dc=HPRS,dc=local" -W -b "dc=lab,dc=local" > > after entering the password, it display the same message while > using phpldapadmin out : Stronger authentication required > Additional info : BindSimple : Transportencryption required > > When i replace ldap by ldaps and 389 by 636 , i get : > ldap_sasl_bind(Simple) : Cannot contact ldap server (-1) > > Can anyone help me please ? > > Thank you for your support > > Regards > > >-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) iEYEARECAAYFAleWfSIACgkQ2JOGcNAHDTZREwCePtowPdxvAUhuElgS+l68nj7C sk0AoJc32m2ix+JiuhMhQiNWtz7y1v3A =2VLC -----END PGP SIGNATURE-----
Jules Houantonon
2016-Jul-25 21:22 UTC
[Samba] Unable to execute ldapsearch on samba4 installed in Active Directory mode
Thank you dear Stefan, It works perfectly in both case. Refards On Mon, Jul 25, 2016 at 9:57 PM, Stefan Kania <stefan at kania-online.de> wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > you can't use simple bind with Samba 4 AD. You need kerberos for > authentication. you can add: > ldap server require strong auth = no > to your smb.conf of your ADDC to get it work with administrator as > login credential. > > > Am 25.07.2016 um 22:34 schrieb Jules Houantonon: > > Dear all, > > > > i install samba-sernet-ad 4.2 on a Centos 7.2 Linux. > > > > I also install phpldapadmin to connect to the domain with the > > Administrator distinguished name. > > > > From phpldapadmin, i am able to connect as anonymous, but when i > > try to provide Administrator Distinguished name and password, > > authentication failed. > > > > I received this error : stronger authentication required (8) for > > user. > > > > I then try to use ldapsearch, but i still not success to have great > > result. > > > > $ldapsearch -xLLL -H ldap://localhost:389 -D > > "cn=Administrator,dc=HPRS,dc=local" -W -b "dc=lab,dc=local" > > > > after entering the password, it display the same message while > > using phpldapadmin out : Stronger authentication required > > Additional info : BindSimple : Transportencryption required > > > > When i replace ldap by ldaps and 389 by 636 , i get : > > ldap_sasl_bind(Simple) : Cannot contact ldap server (-1) > > > > Can anyone help me please ? > > > > Thank you for your support > > > > Regards > > > > > > > > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2.0.22 (GNU/Linux) > > iEYEARECAAYFAleWfSIACgkQ2JOGcNAHDTZREwCePtowPdxvAUhuElgS+l68nj7C > sk0AoJc32m2ix+JiuhMhQiNWtz7y1v3A > =2VLC > -----END PGP SIGNATURE----- > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >-- Jules HOUANTONON *Phone* : (00229) 97578914 *Email *: juleshoueto at gmail.com *Skype* : houantonon *linkedin* : www.linkedin.com/in/jhouantonon/en