Displaying 20 results from an estimated 48 matches for "ldap_sasl_interactive_bind_".
Did you mean:
ldap_sasl_interactive_bind_s
2015 Apr 17
3
LDAPS on DC
...P traffic is encrypted on my Samba 4 DC. I
have read and followed https://wiki.samba.org/index.php/Setup_LDAPS_on_a_DC
but when I attempt to connect to the DC on port 636 or via ldaps:// or both
via ldapsearch (linux) and ldp (windows) I cannot connect.
Failed tests:
*ldapsearch -I -H ldaps://dc*
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
additional info: (unknown error code)
*ldapsearch -I -H ldaps://dc:636*
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
additional info: (unknown error code)
*ldapsearch -I -H ldap://dc:636*
ldap_sasl_interactive_bind_s: Can...
2011 Apr 23
1
ldapsearch with samba4
...subtree
# filter: (sAMAccountName=dumaresq)
# requesting: ALL
#
results in here...
# search result
search: 5
result: 0 Success
# numResponses: 2
# numEntries: 1
I cannot get ldapsearch -Z or ldaps working:
ldapsearch '(sAMAccountName=dumaresq)' -Z
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Server is unwilling to perform (53)
additional info: SASL:[GSSAPI]: Sign or Seal are not allowed if
TLS is used
Here is what I get in samba.log when I do did that command:
[2011/04/23 14:29:56, 3]
../source4/lib/ldb-samba/ldb_wrap.c:319(ldb_wrap_connect)
ldb_wrap open of secrets...
2016 Apr 19
5
Ldapsearch against Samba 4
...389 -h DC -u me at ourdomain.com.au -W -X -LLL -b
"dc=ourdomain,dc=com,dc=au" -s sub
However, running an equivalent search on a freshly installed test
domain, using the exact same version of Samba and the same smb.conf
(with appropriate domain adjustments), I get the following error:
ldap_sasl_interactive_bind_s: Strong(er) authentication required (8)
additional info: SASL:[NTLM]: Sign or Seal are required.
I believe this is the problem behind sssd not working on the test domain
client, which I need to get working before I can proceed.
To the best of my recollection, we have never done anything sp...
2012 Aug 13
0
ldapsearch -> samba4
...he DC is correct.
The results of an ldapsearch against the DC are not consistent:
# ldapsearch -H ldap://<dc-server> cn=<client-short-name>
always works, but with -N added it does the following:
* about 10% of the time it works perfectly;
* about 60% of the time it fails with:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL:[GSSAPI]: NT_STATUS_LOGON_FAILURE
* about 30% of the time it fails with:
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error: An
invalid name was supplied (Unknown error)
while if the...
2015 Jul 07
3
SASL DIGEST-MD5 NT_STATUS_INVALID_PARAMETER
I've googled and I believe that SASL method DIGEST-MD5 is supported and
I see it in the samba startup, but it doesn't work.
ldapsearch -Y DIGEST-MD5 -h dc03.mediture.dom
SASL/DIGEST-MD5 authentication started
ldap_sasl_interactive_bind_s: Operations error (1)
additional info: SASL:[DIGEST-MD5]: Failed to start authentication backend: NT_STATUS_INVALID_PARAMETER
[root at dc03 ~]# samba -i -M single -d3
lpcfg_load: refreshing parameters from /usr/local/samba/etc/smb.conf
samba version 4.2.0 started.
Copyright Andrew Tridgell and t...
2016 Jun 07
2
ldapsearch & GSSAPI => Server not found in Kerberos database
...ich accept ldapsearch with credentials
but which refuse ldapsearch with GSSAPI.
The issue does not seem to be coming from the client as I discovered this
issue writing a script to test all 22 DC, and all 21 others DC are working
well from that client.
The error:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information (Server
not found in Kerberos database)
I did reinstall the whole server ('cause I'm lazy, hoping the issue
disappear by itself) but the is...
2017 Jan 11
4
SSL Certificate
...-VERS-SSL3.0
tls verify peer = as_strict_as_possible
ldapsearch -U USER -h ldaps://localhost -p636 -w PASS -b
dc=internal,dc=test,dc=com,dc=br -s sub '(objectClass=user)' givenName
-LLL -n -N -Z
ldap_start_tls: Connect error (-11)
additional info: (unknown error code)
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
additional info: (unknown error code)
What would be wrong?
Em 11-01-2017 14:39, Rowland Penny via samba escreveu:
> On Wed, 11 Jan 2017 11:09:15 -0500
> Matthew Daubenspeck via samba <samba at lists.samba.org> wrote:
>
>> I'...
2012 Nov 21
2
DC with external LDAP
...--> worked with XP clients, but Win7 clients couldn't join to the domain.
2. https://wiki.samba.org/index.php/Samba4/HOWTO (server: RHEL 6.3) --> works fine with all clients, but I can't communicate with internal LDAP, I get this error message when I try a simple ldapsearch:
ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Ticket expired)
I googled around a lot, but haven't found any working solutions yet. Do you know any answer to this problem? Or can you advise an alte...
2016 Jun 15
1
ldapsearch & GSSAPI => Server not found in Kerberos database
...)
Reminder of the issue:
Every services (CIFS, Kerberos, LDAP, DNS, RPC) on one DC were working well
and ldapsearch using DN and password were also working.
The only thing which was not working was ldapsearch using GSSAPI
authentication with the following error:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information (Server
not found in Kerberos database)
This issue was happening only from one client, some Debian Jessie (8), it
wasn't happening on DC which...
2020 Oct 10
10
Mail samba
Hi I am trying to authenticate my mail server with samba ad.
The only problem is that I don?t get it working.
root at dna:/data/CA/EasyRSA-v3.0.6# ldapsearch -x -h gaia.rompen.lokaal -D 'vmail' -W -b 'cn=users,dc=rompen,dc=lokaal'
Enter LDAP Password:
ldap_bind: Strong(er) authentication required (8)
additional info: BindSimple: Transport encryption required.
I can not read
2016 Apr 19
2
Ldapsearch against Samba 4
..."dc=ourdomain,dc=com,dc=au" -s sub
>>
>> However, running an equivalent search on a freshly installed test
>> domain, using the exact same version of Samba and the same smb.conf
>> (with appropriate domain adjustments), I get the following error:
>>
>> ldap_sasl_interactive_bind_s: Strong(er) authentication required (8)
>> additional info: SASL:[NTLM]: Sign or Seal are required.
>>
>> I believe this is the problem behind sssd not working on the test
>> domain
>> client, which I need to get working before I can proceed.
>>
>> T...
2019 Apr 06
2
"00002020: Operation unavailable without authentication" using python-ldap
...=ad,dc=example,dc=com" "(objectClass=user)" "sAMAccountName"
However, when I try to use python-ldap I get this error:
00002020: Operation unavailable without authentication
I've traced ldapsearch and python using ltrace, and both seem to be
making the same calls (ldap_sasl_interactive_bind_s and
ldap_search_ext) and passing the same parameters.
This feels like a bug in python-ldap, but I've been tracing this for
hours and can't find anything which indicates that. I set my samba
"log level" to 10 and grabbed a snapshot right around this query, but
it's still 1.4M...
2020 Oct 10
0
Mail samba
...extended LDIF
>>
> What is strange is that I get this
> root at dna:/home/philip# ldapsearch -h gaia.rompen.lokaal -U 'philip' -W
> -b 'cn=users,dc=rompen,dc=lokaal'
> Enter LDAP Password:
> SASL/NTLM authentication started
> Please enter your password:
> ldap_sasl_interactive_bind_s: Invalid credentials (49)
> additional info: 8009030C: LdapErr: DSID-0C0904DC, comment:
> AcceptSecurityContext error, data 52e, v1db1
>
> I don?t fully understand. But what do you have to fill in by ldap
> password? The user password or is this an global password? What does
>...
2002 Feb 23
2
Using LDAP and Samba I'm getting a stange error
Does anyone know what the following error means, and what I can do to
fix it??
[root@trouble openldap]# ldapadd -D "cn=root,o=smb,dc=picotech,dc=net"
-W
Enter LDAP Password:
ldap_sasl_interactive_bind_s: No such attribute
-------------
Jeffrey D. Means
CIO for PicoTech
Ft. Collins, Colorado
-------------- next part --------------
HTML attachment scrubbed and removed
2005 Mar 09
0
strange Samba3 / sudo / ldapsearch problem
...quot; just fine, but when an AD
user does that either nothing happens at all (command hangs) or I get
an error like
+ sudo ldapsearch -v -h 10.243.50.22 -Y GSSAPI -b ou=user,ou=... -LLL '(cn=XXXXX XXXXXXXXXX*)' mail
ldap_initialize( ldap://10.243.50.22 )
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error:
Miscellaneous failure (see text) (No such file or directory)
particularly within the backend script.
What happens here? I did add winbind to /etc/pam.d/sudo but as I understand
this should not be needed to...
2005 Apr 16
1
Setting up Winbindd on 3.x
...may have tried to set this up before
I'm trying to connect my freebsd 5.x server to a windows 2003 server. I
have been using this tutorial
http://oslabs.mikro-net.com/fbsd_samba.html
I've gotten down to the part where I run ldapsearch using SSL/TLS and I
get this
minubian# ldapsearch
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
I can ping the host specificed in ldap.conf and verified that port 636
is open on it
Any help would be appreciated and if you could cc me and the list incase
I miss your message on the list.
Thanks,
David W. Chapman Jr.
2012 Jan 23
1
Samba 4 GSSAPI problem
...ch -H ldap://192.168.1.3 cn=steve2 -b
"dc=hh3,dc=site" -Y GSSAPI
SASL/GSSAPI authentication started
<snip>
and all is OK.
Ubuntu
samba --version
Version 4.0.0alpha18-GIT-c3a7573
root at hh3:/tmp# ldapsearch -H ldap://192.168.1.3 cn=steve2 -b
"dc=hh3,dc=site" -Y GSSAPI
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: No worthy mechs
found
Maybe I'm missing an Ubuntu package? If so, what could it be?
Thanks,
Steve
2005 Oct 26
2
Problems setting up Samba+LDAP PDC in Debian Sarge
...ut I should be able to "passwd" an /etc/passwd user, shouldn't I?
dellj81:/home/chema# id root
uid=0(root) gid=0(root) groups=0(root)
With my normal user, if I try to change the password:
chema@dellj81:~$ ldappasswd
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Internal (implementation specific) error
(80)
additional info: SASL(-13): user not found: no secret in
database
This produces the following sldap output:
Oct 25 11:45:03 dellj81 slapd[2925]: SASL [conn=55] Error: unable to
open Berkeley db /etc/sasldb2: No such file or directory
Oct 25...
2012 Jan 17
1
Samba 4 and GSSAPI kerberos ldap connect
...othing works.
ldapsearch and getent passwd draw a blank.
ldapsearch -x -b '' -sbase supportedSASLMechanisms
gives me:
dn:
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: NTLM
but ldapsearch -Y GSSAPI gives:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information
(Server not found in Kerberos database)
and Samba gives:
Kerberos: TGS-REQ Administrator at HH3.SITE from ipv4:192.168.1.3:56859 for
ldap/hh3.site...
2015 Apr 17
1
LDAPS on DC
...read and followed https://wiki.samba.org/index.php/Setup_LDAPS_on_a_DC
> > but when I attempt to connect to the DC on port 636 or via ldaps:// or both
> > via ldapsearch (linux) and ldp (windows) I cannot connect.
> > Failed tests:
> > *ldapsearch -I -H ldaps://dc*
> > ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)
> > additional info: (unknown error code)
Does the OpenSSL test connect, and if so with what result?
openssl s_client -showcerts -connect DC.EXAMPLE.COM:636
--
Adam Tauno Williams <mailto:awilliam at whitemice.org> GPG D95ED383
Systems...