Hi Ricardo, Is possible to replicate Active directory users into OpenLDAP server.
Can you confirm. Regards Support Team. From: Ricardo Sant Ana <[email protected]> To: [email protected] Date: 06/11/2013 07:36 PM Subject: LDAP/SASL problems Hello All I am instaling an OpenLDAP server (Ubuntu Precise) on a local network (Ip 10.67.123.146). I installed using : apt-get install slapd ldap-utils later, I used slapcat to insert data from a teste.ldif file. So, the problem: from local machine I used ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)" and it works properly. But from a remote host: ldapsearch -D "cn=admin,dc=eb,dc=mil,dc=br" -w password -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)" returns: SASL/DIGEST-MD5 authentication started ldap_sasl_interactive_bind_s: Invalid credentials (49) So, from a remote host, I had to add -x option: ldapsearch -x -D "cn=admin,dc=eb,dc=mil,dc=br" -w sped -p 389 -h 10.67.123.146 -b "dc=eb,dc=mil,dc=br" -s sub "(objectclass=*)" and it works again. So, after some google, it seems I need to configure/install SASL support; How do I do that ? thanks in advance Ricardo Sant'Ana VERNALIS SYSTEMS EMAIL NOTICE ----------------------------- The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.
