Sunday, 5 October 2014

Ahh, Active Directory and LDAP ...

So I was seeing: -

ldap_bind: Invalid credentials (49)
additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0


and: -

06:02:19 PM: Failed to connect to ldap://localhost:389
Root error: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db0


using tools such as LDAPSearch and LDAP Browser Editor and Apache Directory Studio.

This IBM Technote was of some help: -


The Technote is right on - invalid credentials - but could be a leeetle more revealing.

Of course, I solved it, after some trial and error, and some hair pulling ( for which I apologise !! ).

Yes, I was using the WRONG credentials ( Grommit ).

This is what I had been using: -

ldapsearch -h 192.168.1.130 -p 389 -D ldapbind -w passw0rd cn=*

and this is what I should have been using: -

ldapsearch -h 192.168.1.130 -p 389 -D CN=ldapbind,CN=Users,DC=Clanville,DC=uk,DC=ibm -w passw0rd cn=*

Thanks to the built-in, and excellent, adsiedit tool that now ships with AD2008.

No comments: