| Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
| Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
|
12-10-2010, 08:40 AM
|
#16
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep: 
|
Quote:
When I execute :
Code:
ldapsearch -x -W -D 'cn=U101001,ou=101001,dc=mydomain,dc=local' -b 'ou=101001,dc=mydomain,dc=local'
on the Ldap-server itself, do I then also need to configure ldap.conf ??
|
Without configuring ldap.conf you are asking OpenLDAP to search for information without telling it where to search.
Quote:
This ldapsearch gives results, no problem.
The problem occurs when I add the "access to *" lines.
|
Can you change any confidential information and show us the output from ldapsearch when the "access to *" lines are not present? |
|
|
|
|
12-10-2010, 09:08 AM
|
#17
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
Quote:
Originally Posted by jamrock
Can you change any confidential information and show us the output from ldapsearch when the "access to *" lines are not present?
|
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U101001,ou=101001,dc=mydomain,dc=local' -b 'ou=101001,dc=mydomain,dc=local'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=101001,dc=mydomain,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# 101001, mydomain.local
dn: ou=101001,dc=mydomain,dc=local
ou: 101001
objectClass: organizationalUnit
objectClass: top
# U101001, 101001, mydomain.local
dn: cn=U101001,ou=101001,dc=mydomain,dc=local
cn: U101001
sn: U101001
userPassword:: dGVzdDEwMTAwMQ==
objectClass: inetOrgPerson
objectClass: top
# Company VC, 101001, mydomain.local
dn: cn=Company VC,ou=101001,dc=mydomain,dc=local
sn: Company VC
cn:: IEJlZHJpamYgVkM=
telephoneNumber: 3322959600
objectClass: inetOrgPerson
objectClass: top
# Company Y, 101001, mydomain.local
dn: cn=Company Y,ou=101001,dc=mydomain,dc=local
sn: Company Y
cn:: IEJlZHJpamYgWQ==
telephoneNumber: 3322980406
objectClass: inetOrgPerson
objectClass: top
# search result
search: 2
result: 0 Success
# numResponses: 5
# numEntries: 4
[root@asterisk16 ~]#
|
|
|
|
|
12-10-2010, 10:15 AM
|
#18
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep:
|
Okay cool...
Try the following acl
access to dn.subtree="ou=101001,dc=mydomain,dc=local"
by dn.children="ou=101001,dc=mydomain,dc=local" read
This should allow all users in ou=101001,dc=mydomain,dc=local to read ou=101001,dc=mydomain,dc=local.
Paste the section of the slapd.conf that contains the acl and the output of the search.
|
|
|
|
|
12-10-2010, 01:20 PM
|
#19
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
OK I'm getting result with user U123456.
Next step was getting the ldap directory on my Snom IP-phone.
This is the search it performs :
conn=36 op=2 SRCH base="dc=mydomain,dc=local" scope=2 deref=0 filter="(&(telephoneNumber=*)(sn=b*))"
(so I press 'b' to get all companies starting with this letter, which should give 2 results...)
This is the ldap log :
Quote:
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: activity on 1 descriptor
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: activity on:
Dec 10 20:14:10 asterisk16 slapd[25338]: 12r
Dec 10 20:14:10 asterisk16 slapd[25338]:
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: read active on 12
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Dec 10 20:14:10 asterisk16 slapd[25338]: begin get_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: begin get_filter_list
Dec 10 20:14:10 asterisk16 slapd[25338]: begin get_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: end get_filter 0
Dec 10 20:14:10 asterisk16 slapd[25338]: begin get_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: begin get_ssa
Dec 10 20:14:10 asterisk16 slapd[25338]: INITIAL
Dec 10 20:14:10 asterisk16 slapd[25338]: end get_ssa
Dec 10 20:14:10 asterisk16 slapd[25338]: end get_filter 0
Dec 10 20:14:10 asterisk16 slapd[25338]: end get_filter_list
Dec 10 20:14:10 asterisk16 slapd[25338]: end get_filter 0
Dec 10 20:14:10 asterisk16 slapd[25338]: conn=36 op=2 SRCH base="dc=mydomain,dc=local" scope=2 deref=0 filter="(&(telephoneNumber=*)(sn=b*))"
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_list_candidates 0xa0
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: OR
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_list_candidates 0xa1
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: EQUALITY
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=0 first=0 last=0
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_list_candidates 0xa0
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: => bdb_filter_candidates
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_list_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_list_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_list_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: <= bdb_filter_candidates: id=-1 first=1 last=12
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: begin test_substrings_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: begin test_substrings_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 5
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 5
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: activity on 1 descriptor
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: activity on:
Dec 10 20:14:10 asterisk16 slapd[25338]:
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: epoll: listen=7 active_threads=0 tvp=NULL
Dec 10 20:14:10 asterisk16 slapd[25338]: daemon: epoll: listen=8 active_threads=0 tvp=NULL
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: begin test_substrings_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: AND
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter_and
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: PRESENT
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: => test_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: SUBSTRINGS
Dec 10 20:14:10 asterisk16 slapd[25338]: begin test_substrings_filter
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter_and 6
Dec 10 20:14:10 asterisk16 slapd[25338]: <= test_filter 6
Dec 10 20:14:10 asterisk16 slapd[25338]: conn=36 op=2 SEARCH RESULT tag=101 err=0 nentries=4 text=
|
I get no results on my Snom display... |
|
|
|
|
12-10-2010, 07:39 PM
|
#20
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep:
|
Now this is an interesting challenge...
I would start by setting the acl's back to the original state. This allows read access to everyone. See if you can read anything. Then we can see how to authenticate the phones.
Can you post a link to the phone's documentation? What model phone is it?
|
|
|
|
|
12-13-2010, 09:15 AM
|
#21
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
I'm still having issues :
Code:
defaultaccess none
access to *
by dn="cn=Manager,dc=mydomain,dc=local" write
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
access to dn.subtree="ou=101001,dc=mydomain,dc=local"
by dn.children="ou=101001,dc=mydomain,dc=local" read
When I comment out "defaultaccess none" there is no problem.
But when it is uncommented :
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U123456,ou=123456,dc=mydomain,dc=local' -b 'ou=123456,dc=mydomain,dc=local'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U101001,ou=101001,dc=mydomain,dc=local' -b 'ou=101001,dc=mydomain,dc=local'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
|
|
|
|
|
12-13-2010, 10:06 AM
|
#22
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep:
|
I am not familiar with the command "defaultaccess none". It is not in my slapd.conf and I am not seeing it in the administrator's manual.
Quote:
access to *
by dn="cn=Manager,dc=mydomain,dc=local" write
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
access to dn.subtree="ou=101001,dc=mydomain,dc=local"
by dn.children="ou=101001,dc=mydomain,dc=local" read
|
Remember to pay special attention to the order in which your acl's are placed. When a user tries to log in, OpenLDAP will run through the list until a match is found. Once it finds a match, it will stop checking the acl's. Place the most restrictive acl's first.
By default the directory manager has full access so it is redundant to use
Quote:
|
by dn="cn=Manager,dc=mydomain,dc=local" write
|
In fact it will slow down processing.
Last edited by jamrock; 12-13-2010 at 10:09 AM.
|
|
|
|
|
12-13-2010, 10:41 AM
|
#23
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
I've added the following :
Code:
defaultaccess none
access to *
by dn="cn=Manager,dc=mydomain,dc=local" write
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
by * auth
access to dn.subtree="ou=101001,dc=mydomain,dc=local"
by dn.children="ou=101001,dc=mydomain,dc=local" read
by * auth
"by * auth" makes it work...
Is there so much difference in ldap versions ?
I'm using : openldap-servers-2.3.43-12.el5_5.3.i386
Last edited by jonaskellens; 12-16-2010 at 04:14 AM.
|
|
|
|
|
12-13-2010, 10:47 AM
|
#24
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep:
|
Quote:
Originally Posted by jonaskellens
I've added the following :
Code:
defaultaccess none
access to *
by dn="cn=Manager,dc=voipcenter,dc=local" write
by dn="cn=U123456,ou=123456,dc=voipcenter,dc=local" read
by * auth
access to dn.subtree="ou=101001,dc=voipcenter,dc=local"
by dn.children="ou=101001,dc=voipcenter,dc=local" read
by * auth
"by * auth" makes it work...
Is there so much difference in ldap versions ?
I'm using : openldap-servers-2.3.43-12.el5_5.3.i386 |
Ooops... My bad...
You need auth if you want to authenticate. I haven't used that configuration in a while.
There were major changes in the acl's at one point. There were also some major changes to replication some time after. So yes, there can be significant changes between versions. You will notice that the manuals are version specific.
So... Are you good now? |
|
|
|
|
12-16-2010, 04:13 AM
|
#25
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
Just one question :
by defining this :
Code:
access to *
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
by * auth
for every user I create in a OU, I lock down this user to this OU and also this user can only read other objects in this OU after authentication ?
Unfortunately, it does not work :
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U101001,ou=101001,dc=mydomain,dc=local' -b 'ou=101001,dc=mydomain,dc=local'
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=101001,dc=mydomain,dc=local> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
when I have in slapd.conf :
Code:
access to *
by dn="cn=U101001,ou=101001,dc=mydomain,dc=local" read
by * auth
Last edited by jonaskellens; 12-16-2010 at 06:51 AM.
|
|
|
|
|
12-16-2010, 07:44 AM
|
#26
|
|
Member
Registered: Jan 2003
Location: Kingston, Jamaica
Posts: 444
Rep:
|
Try putting the auth before the read. OpenLDAP goes through the acl's line by line and exists when it finds the first match.
access to *
by * auth
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
|
|
|
|
|
12-16-2010, 07:51 AM
|
#27
|
|
Member
Registered: Jul 2008
Location: Ghent, Belgium
Distribution: Fedora, CentOS
Posts: 694
Original Poster
Rep:
|
Quote:
Originally Posted by jamrock
Try putting the auth before the read. OpenLDAP goes through the acl's line by line and exists when it finds the first match.
access to *
by * auth
by dn="cn=U123456,ou=123456,dc=mydomain,dc=local" read
|
Does not work.
What's wrong with this :
Code:
database bdb
suffix "dc=mydomain,dc=local"
rootdn "cn=Manager,dc=mydomain,dc=local"
rootpw GuessThis
defaultaccess none
access to dn.one="ou=contacts,ou=101001,dc=mydomain,dc=local"
by * auth
by dn="cn=U101001,ou=101001,dc=mydomain,dc=local" read
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U101001,ou=101001,dc=mydomain,dc=local' -b 'ou=contacts,ou=101001,dc=mydomain,dc=local'
Enter LDAP Password:
ldap_bind: Invalid credentials (49)
This also fails :
Code:
access to dn.one="ou=contacts,ou=101001,dc=mydomain,dc=local"
by dn.children="ou=myusers,ou=101001,dc=mydomain,dc=local" read
Code:
[root@asterisk16 ~]# ldapsearch -x -W -D 'cn=U101001,ou=myusers,ou=101001,dc=mydomain,dc=local' -b 'ou=contacts,ou=101001,dc=mydomain,dc=local'
Enter LDAP Password:
ldap_bind: Invalid credentials (4
Last edited by jonaskellens; 12-16-2010 at 09:17 AM.
|
|
|
|
All times are GMT -5. The time now is 10:17 PM.
|
|
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
|
 Latest Threads
LQ News
|
|
