本文介绍了ldapsearch的:无效的凭证的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我想用命令的ldapsearch 对我们的机构的LDAP服务器进行身份验证。在我的LDAP用户信息显示如下图

I am trying to authenticate against our institutional LDAP server with the command ldapsearch. My user info in LDAP is shown in the following image

我用下面这个命令我的DN搜索:

I used this command below to search by my DN:

ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz

不过,我得到了错误:

However I got the error:

ldap_bind: Invalid credentials (49)
    additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

什么是错我的ldapsearch命令?

What is wrong with my ldapsearch command?

推荐答案

绑定DN是不是在您的命令完成。它应与DC = mdanderson,DC = edu的结束。所以,很可能,它应该是: CN = Djiao,OU =机构,OU =人,DC = mdanderson,DC = EDU

The bind DN is not complete in your command. It should end with DC=mdanderson,DC=edu. So, it is likely that it should be: CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu

在Active Directory中,尽管用户通常根据CN =用户​​树(我不明白你的树hiearchy)。因此,绑定DN(-d参数后,DN)可能要:
CN = Djiao,OU =机构,CN =用户​​,DC = mdanderson,DC = EDU

In Active Directory, though, users are typically under the CN=users tree (I don't see your tree hiearchy). So, the bind DN (the DN after the -D argument) may have to be:CN=Djiao,OU=Institution,CN=Users,DC=mdanderson,DC=edu

这篇关于ldapsearch的:无效的凭证的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

10-13 19:13