search for: ldapsearches

hello list I'm having a very strange problem with my centos 5.5 system. For some strange reason, this machine cannot find ldapsearch: [root at VIRTCENT13 ~]# ldapsearch ldapsearch: Command not found. [root at VIRTCENT13 ~]# whereis ldapsearch ldapsearch: /usr/bin/ldapsearch /usr/share/man/man1/ldapsearch.1.gz ldapsearch currently lives at /usr/bin along with a lot of other really very

Hi, I'm trying to migrate samba 3 NT domain to samba 4 AD, we have migrated data and it seems correct, but now we need to connect with ldapsearch but always receive errors like ldap_bind: Strong(er) authentication required (8) additional info: BindSimple: Transport encryption required. command used is /usr/bin/ldapsearch -H ldap://server -x -LLL -z 0 -D

Hi, solved only making this changes : in /etc/ldap/ldap.conf add TLS_CACERT /etc/ldap/ca.pem.crt sample query with ldaps # ldapsearch -H ldaps://server -x -LLL -z 0 -D "CN=user,CN=Users,DC=domain,DC=com" -w "p" -b "CN=Users,DC=domain,DC=com" Solved! Thanks 2016-06-19 18:55 GMT+02:00 Trenta sis <trenta.sis at gmail.com>: > Hi, > > First of all

Hi all, I'd like to perform some ldapsearch against my AD domain. And I'd like to be able to perform these ldapsearch using GSSAPI to avoid usage of password in scripts. DC are using default configuration file: ---------------------------------------- # Global parameters [global] workgroup = SAMBA.DOMAIN realm = SAMBA.DOMAIN.TLD netbios name = M707 server

Quick-n-easy questions: Let's say user raub is added to group nosy using smbldap-groupmod smbldap-groupmod -m raub nosy Now, according to ol' ldapsearch, ldapsearch -vvv -H "ldaps://ldap.example.com" -D "uid=admin,ou=People,dc=example,dc=com" -W -b "dc=example,dc=com" -s sub "(cn-nosy)" group nosy has a dn attribute that looks like this dn:

Hi all, I've got on AD DC using Samba 4.4.3 on Centos7 which accept Kerberos connections (kinit is working), which accept ldapsearch with credentials but which refuse ldapsearch with GSSAPI. The issue does not seem to be coming from the client as I discovered this issue writing a script to test all 22 DC, and all 21 others DC are working well from that client. The error: SASL/GSSAPI

Things goes further. To use GSSAPI and so the Kerberos ticket obtained with kinit I was missing "-Y GSSAPI". It seems GSSAPI and TLS are meant to be used together: ---------------------------------------- ldapsearch -Y GSSAPI -LLL -H ldaps://SAMBA.DOMAIN.TLD SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Server is unwilling to perform (53) additional info:

Does ldapsearch work with Samba4 since it has it's own LDAP server? I've seen a number of ldap related posts here and I'm trying to head down that road for Dovecot authentication, but I'm getting stopped right away. For example, the following doesn't work: $ ldapsearch -xLLL -H ldap://localhost:389 \ -D "cn=Administrator,dc=HPRS,dc=local" -W -b

Hi, I've got ldapsearch mostly working: root at morannon:/usr/local/samba/private/tls# ldapsearch '(sAMAccountName=dumaresq)' SASL/GSSAPI authentication started SASL username: administrator at XXX SASL SSF: 56 SASL data security layer installed. # extended LDIF # # LDAPv3 # base <> (default) with scope subtree # filter: (sAMAccountName=dumaresq) # requesting: ALL # results in

Solved : ) Reminder of the issue: Every services (CIFS, Kerberos, LDAP, DNS, RPC) on one DC were working well and ldapsearch using DN and password were also working. The only thing which was not working was ldapsearch using GSSAPI authentication with the following error: SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic

I've tested your soulution, but it also says the same error. I've tested all combinations of: - tls_ca_cert_file = <cert> - tls = yes - tls_require_cert = demand Every time it says "Connection error". Only when tls is uncommented it says "TLS required". Additional information from my contact with the openldap-technical mailing list: The

I've replicate the settings from ldapsearch to dovecot but no success. To the certificate: Yes it's a *.crt file but I have linked the *.pem file to it and dovecot has read access to that file. I have enabled the debugging in dovecot and have uploaded the output: https://gwarband.de/openldap/dovecot-connect.log And the other site with ldapsearch:

Hi, First of all thans for you answer. I have tried but is not working, we receive: # kinit administrator Password for administrator at DOM.COM: Warning: Your password will expire in 33 days on Fri 22 Jul 2016 07:52:12 PM CEST # ldbsearch -H ldap://debian8DC1 "cb=administrator" -k yes Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER Failed to connect to

ERRATUM: It seems GSSAPI and TLS are *NOT* meant to be used together: 2015-10-15 16:20 GMT+02:00 mathias dufresne <infractory at gmail.com>: > Things goes further. To use GSSAPI and so the Kerberos ticket obtained > with kinit I was missing "-Y GSSAPI". > > It seems GSSAPI and TLS are meant to be used together: > ---------------------------------------- >

My smb.conf looks like so. [global] security = ads realm = MIND.UNM.EDU workgroup = MIND idmap config * : backend = tdb idmap config * : range = 2000-7999 idmap config MIND:backend = ad idmap config MIND:schema_mode = rfc2307 idmap config MIND:range = 8000-9999999 idmap config MIND:unix_nss_info = yes winbind use default domain = yes restrict anonymous = 2 I have

The serverlog of openldap with loglevel "any": https://gwarband.de/openldap/openldap-connect.log Note: openldap waits 1 Minute before he says "TLS negotiation failure" after the connect. and dovecot says direct "Connect error" I've also delete the TLSCipherSuite from openldap. Tobias Am 2017-03-18 14:01, schrieb Tomas Habarta: > Increase log level on server

More information, making me more crazy: - ldapsearch without SASL is working from any host: ldapsearch -D 'CN=user-ldapmodify,OU=OurUsers,DC=ad,DC=domain,dc=tld' -w Passw0rd -x -ZZ -b 'dc=ad,DC=domain,dc=tld' -h dc106 sAMAccountName=administrator dn - ldapsearch with SASL is not working (Kerberos ticket existing following a working kinit) from any host but it works when launched

Hi, I recently triied to set up a special PDF creation service for a customer. The Samba3 server is a AD2003 member server. Since the created PDF files need to be sent via e-mail to the creators, I need to issue an LDAP query against the AD, like ldapsearch -h 10.243.50.22 -Y GSSAPI -b "ou=user,ou=... ..." \ -LLL '(cn=lastname firstname*)' mail As long as I run this command

Hmm... *ldapsearch -x cn=admin* gives me: | # A bunch of information not really interesting | # search result | search: 2 | result: 32 No such object | | numResponses: 1 *ldapsearch -x cn=admin* gives the same. Did i configure the ldap wrong? 2015-02-24 10:42 GMT+01:00 Steffen Kaiser <skdovecot at smail.inf.fh-brs.de>: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > >

Hello, Ldbsearch returns the correct result. However this particular query is performed by an external system (that does not have access to the LDB files), to check whether a certain user belongs to a specific OU or not. The query is performed over LDAP against Samba, so it is not a ldapsearch-only problem. I only used ldapsearch to verify the behavior. Regardless of if the query is wrong or