Dieter Kluenter had this to say:
Mike Leone turgon@mike-leone.com writes:
I'm trying to configure lib-nss to use OpenLDAP against my Active Directory. But I seem to be having lots of problems even getting it to search properly. I have Samba all properly configured for AD - it's properly joined to the AD domain, and all seems to be working fine. Now I'd like to investigate using OpenLDAP to authenticate against AD.
[...]
ldapsearch -v -x -H ldap://10.0.0.60 "(objectClass=posixAccount)" sAMAccountName
[...]
result: 1 Operations error text: 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece
# numResponses: 1
So the question is ... why is it failing to bind?
[...]
Because you are trying to do an anonymouns bind, while a simple bind with a distingished name is required. man ldapsearch(1)
I did read it. But if I had understood it, I wouldn't have needed to post here. LOL
What I am trying to do, I've since found out, is to get lib_nss working using ldap, as opposed to a full ldap implemtation.