ldapsearch:无效的凭据 [英] ldapsearch: Invalid credentials

问题描述

我正在尝试使用命令 ldapsearch 对我们的机构 LDAP 服务器进行身份验证.我在 LDAP 中的用户信息如下图所示

I am trying to authenticate against our institutional LDAP server with the command ldapsearch. My user info in LDAP is shown in the following image

我使用以下命令按我的 DN 进行搜索:

I used this command below to search by my DN:

ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz

但是我得到了错误:

ldap_bind: Invalid credentials (49)
    additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

我的 ldapsearch 命令有什么问题?

What is wrong with my ldapsearch command?

推荐答案

您的命令中的绑定 DN 不完整.它应该以 DC=mdanderson,DC=edu 结尾.所以，很可能应该是:CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu

The bind DN is not complete in your command. It should end with DC=mdanderson,DC=edu. So, it is likely that it should be: CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu

不过，在 Active Directory 中，用户通常位于 CN=users 树下(我看不到您的树层次结构).因此，绑定 DN(-D 参数后的 DN)可能必须是:CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu

In Active Directory, though, users are typically under the CN=users tree (I don't see your tree hiearchy). So, the bind DN (the DN after the -D argument) may have to be: CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu

这篇关于ldapsearch:无效的凭据的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！