search for: binddn

Hello @ll, I have a general question to Active Directory (AD), not directly concerning samba, but I think the experts of this list know the answer. At my scope: I'm using a Windows XP PC which is logged on using Microsoft AD domain and Kerberos (normal procedure). I want to find out the BindDN and - if possible the appropriate password - for using it for a query with the Linux tool "ldapsearch". The problem is that I haven't an admin-access to AD-server. (1) Where are BindDN (and password) saved (e.g. Windows registry)? (2) Which encryption (e.g. none, SSL, TLS) is used by...

...$UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd $ldap_path $ldap_opts $ldapmodify $suffix $usersdn $computersdn $groupsdn $scope $binddn $bindpasswd $slaveDN $slavePw $masterDN $masterPw $_userLoginShell $_userHomePrefix $_userGecos $_defaultUserGid $_defaultComputerGid $_skeletonDir $_userSmbHome $_userProfile $_u...

...a list for my problem. I have some trobble to configure the smbldap-tools. I have download and copy the scripts to /usr/local/sbin. But a /usr/local/sbin/smbldap-useradd.pl testuser breaks with this error message: get_user_dn2: error in ldapsearch : /usr/bin/ldapsearch -x -h _SLAVELDAP_ -D '_BINDDN_' -w '_BINDPW_' -b '_SUFFIX_' -s 'sub' '(&(objectclass=posixAccount)(uid=axel))' /usr/local/sbin/smbldap-useradd.pl: error in get_user_dn2 ldap_bind: Can't contact LDAP server Hmm, I can?t understand this, my ldap server runs and works fine. Have I a mis...

...ooks like this: > -------------------------------------------------- > require('io') > > function auth_userdb_lookup(req) > local bindpwfile = "/etc/dovecot/ldap-auth-userdb.secret" > local base = "ou=people,ou=it,dc=roessner-net,dc=de" > local binddn = "cn=dovecot," .. base > > local cmd = [=[ > /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ > grep rnsMSACLGroup | \ > awk -vORS=, '{ print \$2 }' | \ > sed ...

...---------------------------- >>> require('io') >>> >>> function auth_userdb_lookup(req) >>> local bindpwfile = "/etc/dovecot/ldap-auth-userdb.secret" >>> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >>> local binddn = "cn=dovecot," .. base >>> >>> local cmd = [=[ >>> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >>> grep rnsMSACLGroup | \ >>> awk -vORS=, '{ print...

I have the PDC/BDC with a master slave LDAP directory set up and operating. One problem is that I've only been able to get the LDAP Master/Slave replication working if I use Manager as the binddn for the replication. I'm using the IDEALX smbldap tools. If I use another user I get a ERROR: Insufficient access: no write access to entry error and a .rej file is created. Each entry shows modifiersName: cn=Manager,dc=mphqcops,dc=opmg,dc=local for all the change entries. Isn't this supp...

...-------------------------- >>> require('io') >>> >>> function auth_userdb_lookup(req) >>> local bindpwfile = "/etc/dovecot/ldap-auth-userdb.secret" >>> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >>> local binddn = "cn=dovecot," .. base >>> >>> local cmd = [=[ >>> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >>> grep rnsMSACLGroup | \ >>> awk -vORS=, '{ pr...

...9;').each do |var| -%> olcSyncrepl: {0}rid=001 provider="ldap://<%= var %>:389" type=refreshAndPer sist retry="5 5 300 +" searchbase="<%= scope.lookupvar(''openldap::params::searchbase'') %>" attrs="*,+" bindmeth od=simple binddn="cn=<%= scope.lookupvar(''openldap::params::binddn'') %>" credentials="<%= scope.lookupvar(''openldap::params::secret'') %>" <% end -%> I want to auto increment the {0}rid=001 for each iteration of the loop. Is there an easy wa...

...lly, I'm trying initially to SSH into my AD server (working) using nslcd. I've tried method #1 from https://wiki.samba.org/index.php/Local_user_management_and_authentication/ns lcd My simple config is: uid nslcd gid nslcd uri ldap://127.0.0.1:389 base cn=Users,dc=acasta,dc=intra binddn cn=nslcd-connect,cn=Users, dc=acasta,dc=intra bindpw xxxxx filter passwd (objectClass=user) filter group (objectClass=group) map passwd uid sAMAccountName map passwd homeDirectory unixHomeDirectory map passwd gecos displayName map...

...clude statement. The Lua script looks like this: -------------------------------------------------- require('io') function auth_userdb_lookup(req) local bindpwfile = "/etc/dovecot/ldap-auth-userdb.secret" local base = "ou=people,ou=it,dc=roessner-net,dc=de" local binddn = "cn=dovecot," .. base local cmd = [=[ /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ grep rnsMSACLGroup | \ awk -vORS=, '{ print \$2 }' | \ sed 's/,$/\n/'" ]=]...

...oupsdn = "ou=Groups,$suffix"; for ou=Groups,dc=IDEALX,dc=ORG $groupsou = q(GROUPS); $groupsdn = "ou=groups,$suffix"; # Default scope Used $scope = "sub"; # Unix password encryption (CRYPT, MD5, SMD5, SSHA, SHA) $hash_encrypt="CRYPT"; # Bind DN used # Ex: $binddn = "cn=Manager,$suffix"; for cn=Manager,dc=IDEALX,dc=org $binddn = "cn=Manager,$suffix"; # Bind DN passwd used # Ex: $bindpasswd = 'secret'; for 'secret' $bindpasswd = "secret"; S-1-5-21-4058613952-3403335136-1230151498 Barry Haycock T +61 2 6216 8905...

> On 28/08/2019 21:01 R.N.S. via dovecot <dovecot at dovecot.org> wrote: > > > > Am 28.08.2019 um 19:46 schrieb Jakobus Sch?rz via dovecot <dovecot at dovecot.org>: > > > > I think, i had the same problem as you. > > > > When dovecot runs lmtp, no user is logged in, so there is no user from > > which you can get groups. So i think, my

...------------------------------------------------- >> require('io') >> >> function auth_userdb_lookup(req) >> local bindpwfile = "/etc/dovecot/ldap-auth-userdb.secret" >> local base = "ou=people,ou=it,dc=roessner-net,dc=de" >> local binddn = "cn=dovecot," .. base >> >> local cmd = [=[ >> /bin/sh -c "ldapsearch -LLL -ZZ -y $bindpwfile -xD $binddn -b $base '(rnsMSDovecotUser=$user)' rnsMSACLGroup | \ >> grep rnsMSACLGroup | \ >> awk -vORS=, '{ print \$2 }' | \...

...lit between two servers, to the point that "don't split samba and LDAP" is now the stuff of legends. A second question: do settings in /etc/ldap.conf affect Samba's ability to talk to LDAP? As far as I can tell, the only purpose for /etc/ldap.conf is to provide a default (baseDN, bindDN, bindpw, host) for ldapsearch and related tools, and every single LDAP operation I can find relating to samba specifically names the new (baseDN and server IP) for all ldap-related commands; however, Samba still won't play nicely with the new LDAP server. For example: Our old LDAP server runs...

A while ago i posted that i couldn't get samba working from Windows XP clients. I finally get it working just by adding the base dc and binddn stuff in ldap.conf I guess it is mandatory as i couldn't get samba working without it. MY question is: how come doesn't it figure in the documentation, it might be useful for beginners.

...y changes on PDC, here is my conf. on /etc/openldap/slapd.conf LDAP Server master moduleload syncprov overlay syncprov syncprov-checkpoint 100 10 syncprov-sessionlog 100 LDAP Server mirror moduleload syncprov syncrepl rid=001 provider=ldap://ldap.domain.com:389 bindmethod=simple binddn="cn=admin,dc=domain,dc=com" credentials=<password> searchbase="dc=domain,dc=com" schemachecking=off type=refreshAndPersist retry="60 +" mirrormode on when i've configured like above then i restart ldap service the service cannot start a...

Hi to all! I've set up Zimbra LDAP (2.4) as master, and I want to use RHEL v5 LDAP (2.3) as a slave. This is relevant part of my slapd.conf on LDAP 2.3: # syncrepl directives syncrepl rid=101 provider=ldap://192.168.1.86 bindmethod=simple binddn="uid=zimbra,cn=admins,cn=zimbra" credentials=PASSword searchbase="dc=company,dc=com" schemachecking=on type=refreshAndPersist retry="60 +" syncdata=accesslog # Refer updates to the master updateref ldap://192.168.1.86 Replication works OK, when I first start LD...

...mbldap-tools scripts use vars qw($VERSION @ISA @EXPORT @EXPORT_OK %EXPORT_TAGS $UID_START $GID_START $smbpasswd $slaveLDAP $masterLDAP $slavePort $masterPort $ldapSSL $slaveURI $masterURI $with_smbpasswd $mk_ntpasswd $ldap_path $ldap_opts $ldapmodify $suffix $usersdn $computersdn $groupsdn $scope $binddn $bindpasswd $slaveDN $slavePw $masterDN $masterPw $_userLoginShell $_userHomePrefix $_userGecos $_defaultUserGid $_defaultComputerGid $_skeletonDir $_userSmbHome $_userProfile $_userHomeDrive $_userScript $usersou $computersou $groupsou $SID $hash_encrypt ); use Exporter; $VERSION = 1.00; @ISA = q...

...under FreeBSD that was working well until the config was tweaked by someone on the team without properly documenting their work # /usr/local/etc/ldap.con on ldap server (FreeBSD 8.1) host LBSD.summitnjhome.com base dc=summitnjhome,dc=com sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com binddn cn=pam_ldap,ou=Services,dc=summitnjhome,dc=com bindpw {SSHA}secret scope sub pam_password exop nss_base_passwd ou=staff,dc=summitnjhome,dc=com nss_base_shadow ou=staff,dc=summitnjhome,dc=com # grep for ldap account shows ldap account on the ldap server itself succeeds [root at LBSD2:/usr/local/e...

...openssl 1.0.0 to openssl 1.0.1. On a server with up-to-date packages (openssl-1.0.1e-16.el6_5.x86_64, openldap-clients-2.4.23-32.el6_4.1.x86_64) I get the following errors when issuing an ldapsearch (some parts anonymized): [bad]# ldapsearch -H "ldaps://ldap.domain.org:6636/" -D <binddn> -x -W -b <searchbase> -d1 -s sub -v "uid=ME" ldap_url_parse_ext(ldaps://ldap.domain.org:6636/) ldap_initialize( ldaps://ldap.domain.org:6636/??base ) ldap_create ldap_url_parse_ext(ldaps://ldap.domain.org:6636/??base) Enter LDAP Password: ldap_sasl_bind ldap_send_initial_reques...