Try Apache Directory Studio, it's about the most complete one I've used. Paul
On 27 Jan 2010, at 19:40, Tromp,Marianne wrote: I learned that I was pointing to the wrong machine. (Our sysadmin is relatively inexperienced.) Now I can connect but the credentials are rejected. Is there an ldap browser for Linux? That would be a very useful tool. Marianne ----- Original Message ----- From: "Johan Reinalda" <[email protected]<mailto:[email protected]>> To: [email protected]<mailto:[email protected]> Sent: Wednesday, January 27, 2010 11:07:38 AM Subject: Re: [cas-user] FastBind failure make sure any firewall or interface rules allow connections to the ldap ports (389 or 636 for secure), and that ldap services are running on your DC. On the DC, make sure you see something listening on those ports ("netstat -ano" command) . you can use a ldap browser to try and connect and see the tree. On windows, you can use LDP.EXE (from the resource kit, I think), or whatever else you like. Johan ----- Original Message ----- From: Tromp,Marianne<mailto:[email protected]> To: [email protected]<mailto:[email protected]> Sent: Wednesday, January 27, 2010 9:56 AM Subject: Re: [cas-user] FastBind failure Thanks for the example, Johan. When looking very closely at the TCP packets involved with connecting to MS-AD, I noticed that the RESET flag is set in the packet from the MS-AD server. This terminates the connection and prevents the authentication. It appears that my problem is at a very low level. I'll see if using the settings Marvin suggested on the Windows end provides some useful information. Marianne Marianne Tromp Software Developer, part-time IT - applications 805.654-7781 City of Ventura -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected]<mailto:[email protected]> as: [email protected]<mailto:[email protected]> To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user ________________________________ This email and any attachments are confidential and intended solely for the use of the addressee and may contain information which is covered by legal, professional or other privilege. If you have received this email in error please notify the system manager at [email protected]. The University's computer systems may be monitored and communications carried on them recorded to secure the effective operation of the system and for other lawful purposes. -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
