cn=config completely replacing slapd.conf
by David N. Blank-Edelman
(taking this to a new thread)
Sorry for such a vague question, but my (perhaps failing) memory is once
upon a time there were still certain backends or overlays that couldn't
yet be configured via cn=config and had to be specified in slapd.conf.
Has 2.4 has already cleared up all of those legacy configuration
requirements or is that a 2.5 goal? Thanks!
-- dNb
10 years, 12 months
How to configure OpenLdap Client to work with Windows Active Directory
by yen nguyen
Hi,
Can ldapsearch work with Windows AD via GSSAPI? Is there any special setting/software I need to do on the client side?
On my Client system, I have Windows openldap client tools (ldapsearch ....etc). My Server system has Windows AD running.
I was able to use Simple Authentication and it worked.
ldapsearch.exe -H ldap://MPSD-EB01T3/ -b "dc=test,dc=com" -x
I know Windows 2008 AD support GSSAPI.
ldapsearch -H ldap://MPSD-EB01T3/ -xLLL -s base -b "" supportedSASLMechanisms
dn:
supportedSASLMechanisms: GSSAPI
supportedSASLMechanisms: GSS-SPNEGO
supportedSASLMechanisms: EXTERNAL
supportedSASLMechanisms: DIGEST-MD5
Now I tried to use GSSAPI and it failed. Is there anything special setting I need to do on the client side to make it work?
ldapsearch -H ldap://MPSD-EB01T3/ -b "cn=user1,dc=test,dc=com" -W -U user1 -Y GSSAPI -d 3
ldap_url_parse_ext(ldap://MPSD-EB01T3/)
ldap_create
ldap_url_parse_ext(ldap://MPSD-EB01T3:389/??base)
ldap_sasl_interactive_bind_s: user selected: GSSAPI
ldap_int_sasl_bind: GSSAPI
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP MPSD-EB01T3:389
ldap_new_socket: 392
ldap_prepare_socket: 392
ldap_connect_to_host: Trying 192.168.1.30:389
ldap_pvt_connect: fd: 392 tm: -1 async: 0
ldap_int_sasl_open: host=MPSD-EB01T3
ldap_err2string
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL(-4): no mechanism available: Unable to find a calback: 2
11 years