On Wed, Jun 29, 2011 at 05:41:26PM -0700, yen nguyen wrote: > Can ldapsearch work with Windows AD via GSSAPI? Is there any special setting/ > software I need to do on the client side?
GSSAPI is normally a carrier for Kerberos tickets, so for this to work you will need to obtain a valid ticket for the AD service. This will involve connecting your client system to the Kerberos domain managed by the AD system. > On my Client system, I have Windows openldap client tools (ldapsearch > ....etc). > My Server system has Windows AD running. > > I was able to use Simple Authentication and it worked. > ldapsearch.exe -H ldap://MPSD-EB01T3/ -b "dc=test,dc=com" -x Without the -D and -w (or -W) options, this is just anonymous (un-authenticated) access. You can certainly use the OpenLDAP client tools with AD using simple authentication. The main problem is to find out what the DN of your AD account actually is. Andrew -- ----------------------------------------------------------------------- | From Andrew Findlay, Skills 1st Ltd | | Consultant in large-scale systems, networks, and directory services | | http://www.skills-1st.co.uk/ +44 1628 782565 | -----------------------------------------------------------------------
