ldap_simple_bind: Invalid credentials

I'm trying a ldapsearch.

The user is "domain\user" and the connection and bind is successfull with ApacheDirectoryStudio (see image), however I don't understand how to use the -D parameter in ldapsearch (maybe the problem is the bachslash ?).

I've tried with:

ldapsearch -h IT.xxxx.COM -D "CN=domain\user,DC=it,DC=xxxx,DC=com" -w Password -b base 'objectClass=*'  

but I get the error:

ldap_simple_bind: Invalid credentials --- 80090308: LdapErr: DSID-0C090400, comment: AcceptSecurityContext error, data 52e

Thanks for help. Giuseppe.k Apache-Connection

1 answer

  • answered 2019-11-08 20:31 mvreijn

    For connecting to AD over LDAP, you either specify the LDAP DN (e.g. CN=user,DC=domain) or the AD UPN (e.g. user@domain).

    In your case, remove the domain from the LDAP DN:

    ldapsearch -h IT.xxxx.COM -D "CN=user,DC=it,DC=xxxx,DC=com" -w Password -b base 'objectClass=*'
    

    The domain is already represented by DC=it,DC=xxxx,DC=com.