问题描述
我想用命令的ldapsearch
对我们的机构的LDAP服务器进行身份验证。在我的LDAP用户信息显示如下图
I am trying to authenticate against our institutional LDAP server with the command ldapsearch
. My user info in LDAP is shown in the following image
我用下面这个命令我的DN搜索:
I used this command below to search by my DN:
ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz
不过,我得到了错误:
However I got the error:
ldap_bind: Invalid credentials (49)
additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1
什么是错我的ldapsearch命令?
What is wrong with my ldapsearch command?
推荐答案
绑定DN是不是在您的命令完成。它应与DC = mdanderson,DC = edu的结束。所以,很可能,它应该是: CN = Djiao,OU =机构,OU =人,DC = mdanderson,DC = EDU
The bind DN is not complete in your command. It should end with DC=mdanderson,DC=edu. So, it is likely that it should be: CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu
在Active Directory中,尽管用户通常根据CN =用户树(我不明白你的树hiearchy)。因此,绑定DN(-d参数后,DN)可能要: CN = Djiao,OU =机构,CN =用户,DC = mdanderson,DC = EDU
In Active Directory, though, users are typically under the CN=users tree (I don't see your tree hiearchy). So, the bind DN (the DN after the -D argument) may have to be:CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu
这篇关于ldapsearch的:无效的凭证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!