To : [email protected]

Subject : Re: ldapsearch -- troubles connecting to LDAP server (SASL config?)

From : "David A. Parker" < [email protected] >

Date : Thu, 16 Jul 2009 11:18:58 -0400

Message-id : < [🔎] [email protected] >

In-reply-to : < [🔎] [email protected] >

References : < [🔎] [email protected] >

We're a bit new to the LDAP world and are having trouble configuring a connection to the LDAP server. Using "ldapsearch" as a diagnostic tool, here's what we are getting: # ldapsearch -h 10.3.1.37 SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) So we need a username/password pair to connect then, right? We've figured out how to specify the password, but not a username: # ldapsearch -x -h 10.3.1.37 -W -X u:ldapuser ldapsearch: -X incompatible with authentication choice # ldapsearch -x -h 10.3.1.37 -W -U ldapuser ldapsearch: incompatible previous authentication choice As you can see, the manpage seems to be assuming some background information we don't know yet. :) And googling turned up some questions with overlap to ours here, but the answers don't appear to be posted in their entirety. Any pointers welcome -- thanks! # ldapsearch -x -h 10.3.1.37 -W Enter LDAP Password: # extended LDIF # LDAPv3 # base <> (default) with scope subtree # filter: (objectclass=*) # requesting: ALL # search result search: 2 result: 32 No such object text: 0000208D: NameErr: DSID-031001A8, problem 2001 (NO_OBJECT), data 0, bes t match of: # numResponses: 1 You need to specify the username as part of the bind DN using the -D option: ldapsearch -h ldap.example.com -b "<base DN here>" -D "cn=<username>,<rest of bind DN here>" -W <filter> - Dave Dave Parker Utica College Integrated Information Technology Services (315) 792-3229 Registered Linux User #408177