ldapsearch:无效的凭据 [英] ldapsearch: Invalid credentials
问题描述
我正在尝试使用命令 ldapsearch
对我们的机构 LDAP 服务器进行身份验证.我在 LDAP 中的用户信息如下图所示
I am trying to authenticate against our institutional LDAP server with the command ldapsearch
. My user info in LDAP is shown in the following image
我使用以下命令按我的 DN 进行搜索:
I used this command below to search by my DN:
ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz
但是我得到了错误:
ldap_bind: Invalid credentials (49)
additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
我的 ldapsearch 命令有什么问题?
What is wrong with my ldapsearch command?
推荐答案
您的命令中的绑定 DN 不完整.它应该以 DC=mdanderson,DC=edu 结尾.所以,很可能应该是:CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu
The bind DN is not complete in your command. It should end with DC=mdanderson,DC=edu. So, it is likely that it should be: CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu
不过,在 Active Directory 中,用户通常位于 CN=users 树下(我看不到您的树层次结构).因此,绑定 DN(-D 参数后的 DN)可能必须是:CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu
In Active Directory, though, users are typically under the CN=users tree (I don't see your tree hiearchy). So, the bind DN (the DN after the -D argument) may have to be:
CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu
这篇关于ldapsearch:无效的凭据的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!