I have encountered this issue before. This I fixed by allowing permissions (anonymous read) on the ADS. By default anonymous read on ADS is not allowed by Windows. To do this you need to select a DC from the ADS and right click on it and add "ANONYMOUS LOGON" user to it. Then change the permission to "list all contents". This will work then.
Let me know.
Thanks,
Sankhadip

----- Original Message -----
From: "Michael Ströder" michael@stroeder.com
To: "Santosh Kumar" santosh.kb@rediffmail.com
Cc: openldap-technical@openldap.org
Sent: Friday, March 06, 2009 5:59 AM
Subject: Re: openldap client configuration to connect to AD

Santosh Kumar wrote:
./ldapsearch -x -W -h 10.10.10.10 -b "CN=testuser,OU=Users,OU=KeyPairIN,OU=KeyPair,DC=keypair,DC=internal" -S sub
Enter LDAP Password: ***
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
This means the server is not reachable at TCP level. Make sure your AD is reachable on the IP address given with -h.
Ciao, Michael.