Questions tagged [ldap]
LDAP is Lightweight Directory Access Protocol.
309 questions
0
votes
1
answer
25
views
Alpine Linux+ldap_pam: can login through ssh, can't su or sudo with ldap accounts
I've installed nss-pam-ldapd on an Alpine Linux server, edited nslcd.conf to use an ldap server I have running elsewhere, and added "UsePAM yes" to /etc/ssh/sshd_config. I have two local ...
- 163
0
votes
1
answer
36
views
How to do bind operation in ldap without explicitly using credentials (anonymous bind is not allowed)
I have built portal for my company and due to some requirement we need to query ldap server to fetch some details. However, I am not allowed to use/store any credentials for query ldap. Also the ldap ...
0
votes
0
answers
316
views
Windows Server AD DS LDAP switched servers
I have a Windows Server 2022, there's 2 DCs, 192.168.1.9 and 192.168.1.20.
The main one is supposed to be 192.168.1.9 and as far as I've been told the 192.168.1.20 is to isolate connections coming ...
- 118
1
vote
0
answers
93
views
ldapsearch command suddenly stopped working on my Mac
I used to be able to run ldapsearch commands from my mac. But it suddenly stopped working since yesterday
Below is how my config file looks and it has remained like this for sometime now.
$ cat /etc/...
- 31
0
votes
0
answers
36
views
Deleted accidentally the admin of the IPA server
I deleted from the GUI the admin user on ipa. I'm trying to restore it by assigning admin permissions to some other ipa users but i'm getting back this error:
Failed members:
member user: superuser: ...
- 1
0
votes
0
answers
338
views
Enabling Null Sessions on an Active Directory Environment
I did setup an active directory environment with virtual machines and I'd like to enable null sessions on rpc and smb protocols.
the purpose is to be able to extract domain usernames with the ...
0
votes
0
answers
96
views
SSO authentication for Shiny Server
We have been using Shiny Server Pro with LDAP authentication. Now, we want to use Single Sign On (SSO) based service with Shiny Server Pro or the open source version (if possible).
I have looked in ...
- 1
0
votes
0
answers
41
views
Issues with LDAP plugin for Tuleap Community Edition
That’s my LDAP configuration
$sys_ldap_server_common_name = 'Active Directory';
$sys_ldap_server = 'ldap://XXXXXXXXXXXXXXXXXXXX';
$sys_ldap_server_type = 'ActiveDirectory';
$sys_ldap_dn = 'OU=...
1
vote
0
answers
38
views
Need help in creating custom objectclasses and attributetypes in openldap
I am trying to create an custom attribute in openldap. For which i am suppose to create an objectclasses. Here my ldif file below.
Ldif File Content
dn: cn=schema,cn=config
changetype: modify
add: ...
Shubham Mitkary
0
votes
0
answers
47
views
Managing SSH access and who has access
I'm currently implementing AD and some of the users access external servers via SSH (not hosted within the AD) and I'm looking for a way to monitor who is accessing them and maybe limit them. As far ...
0
votes
1
answer
445
views
LDAP manipulation - Powershell or any other langage?
For a synchronization script, I need to connect to a LDAP (not an AD), search for few users then extract their usercertificate.
As the rest of the script is already written in PowerShell, I thought it ...
- 3
0
votes
1
answer
437
views
How can I create SMB shares accessible from Windows/Mac/Linux clients which are hosted on a linux server (with login via LDAP)?
I currently replace old NAS systems with a fileserver. I am looking for a solution to create CIFS/SMB shares on the fileserver (Debian 12) which shall be protected by a login which works via LDAP ...
- 41
0
votes
1
answer
350
views
How to skip the password typing when installing library
I installed the library with.
$sudo apt-get install slapd ldap-utils
While installing it stops and asks,
please enter the password for the admin entry in your ldap directory.
I am using Dockerfile, ...
- 715
0
votes
1
answer
728
views
Which LDAP server is used by default?
When doing LDAP requests in C# for example, I do not need to explicitly use an LDAP server address for PrincipalContext and DirectoryEntry. I can use one, but it will find users even without.
How does ...
- 149
2
votes
2
answers
2k
views
Ansible - How to create dynamic inventory that fetches hosts from microsoft AD
I am using Ubuntu as a control-node, and would like to get the hosts from my domain controller (windows server 2022), the LDAP-Inventory Guide & microsoft.ad.ldap inventory – Inventory plugin for ...
- 33
1
vote
0
answers
608
views
How to add a password policy on OpenLDAP 2.4.11?
I have a server with OpenLDAP 2.4.11 installed.
I'm trying to add a password policy for all my users.
So, I enable ppolicy module :
bash# grep ppolicy /etc/ldap/slapd.conf
include /etc/ldap/...
- 111
0
votes
0
answers
82
views
Use ldapclient in Local as test
I am studying about LDAP
Currently, I setup ldap server and check.
My setting is like this below
$ldapsearch -x -LLL -b "dc=myexample,dc=com"
dn: dc=myexample,dc=com
objectClass: top
...
- 715
0
votes
1
answer
276
views
How to find all computers running Windows 10 with Active Directory DirectorySearcher?
I'm trying to set a filter for a System.DirectoryServices.DirectorySearcher that locates all computers running Windows 10 within a domain. What is the syntax for a filter that combines two criteria? I ...
- 289
0
votes
0
answers
1k
views
ldap_bind: Invalid Credentials (49) How can I solve it?
When I try to use the command ldapadd -x -D cn=admin,dc=jonaserver,dc=com -W -f ou.ldif it asks me for a password which I'm supposed to put right. But it always says invalid credentials ( 49)
What can ...
Jonathan_Diez_
0
votes
1
answer
2k
views
Can I look up DNS A records through ldap?
I am trying to gather our domain controllers host A records remotely.
I am able to use ldapsearch to gather lots of info about the schema, computers, and users. But I cant seem to find where the A ...
- 197
3
votes
0
answers
136
views
How to avoid hardcoded passwords on Apache httpd config file
I'm using an Apache Proxy with LDAP modules for authentication management. But I don't want to hardcode the password of the LDAP service user to query the domain.
I have already used other ...
- 131
0
votes
1
answer
937
views
ERROR: Could not find a version that satisfies the requirement taiga-contrib-ldap-auth-ext-2 (from versions: none)
i am trying to run docker Version of Taiga Version 6 with ldap support (kaleidos-ventures/taiga-docker) and TuringTux/taiga-contrib-ldap-auth-ext-2
When it comes to the custom-back/Dockerfile i have ...
- 81
1
vote
1
answer
903
views
Dynamically setting remote desktop users group membership via Active Directory Attribute
I've gotten a bit of a strange requirement that I have to fill, and I'm hoping to get working without user intervention down the line.
In our Windows environment we have multiple departments, each ...
- 21
0
votes
0
answers
74
views
Mac login via server
For my small business I have bought a Mac mini. Soon an extra employee will start to work here and he will use that Mac mini.
I can create 2 accounts on the Mac Mini, my own admin account and another ...
- 1
0
votes
1
answer
236
views
Cannot connect using wldap32 and apacheds over TLS (LDAPS)
I am using a dynamic language that via FFI it wraps the wldap32 dll. I am using ApacheDS and I can perfectly connect to it from my client using normal LDAP. However, I cannot connect to it when using ...
1
vote
3
answers
5k
views
Apache DS LDAP Server Fails to Start
I have a fresh ApacheDS (Version: 2.0.0.v20210717-M17) install on a Windows 11 on ARM. I have Java SDK 17 (LTS). I created a first server with all the defaults and it seems that the first time it ...
0
votes
0
answers
209
views
Linux "passwd" command can not force expire the password for the LDAP
I have basic of setup of LDAP. Users can log and change of their password (passwd user_name) but when I am trying force expire the password: password -e uesr_name I can not do it. I got the error: ...
- 1
0
votes
1
answer
297
views
Decode LDAP-CRL and get FQDN
I have a certificate with the following CRL:
URL=ldap:///CN=GOLF Root-CA,CN=VSCERT02,CN=CDP,CN=Public Key Services,CN=Services,CN=Configuration,DC=toplevel-domain,DC=de?certificateRevocationList?base?...
- 21
1
vote
0
answers
454
views
Ldapsearch through ssh tunell
I have four machines A, B, C, D and I would like to use ldapsearch on the first machine through an ssh tunnel over to C with a jump from B to C. Currently ldapsearch on C contacts the ldap server on D,...
- 11
0
votes
1
answer
218
views
Connect HP (Enterprise) MFCs to Google Secure LDAP
HP Enterprise MFCs running FutureSmart Firmware 3/4/5 support connecting to an LDAP server to retrieve email addresses for the Address Book (as well as printer user login, etc).
Google supports Secure ...
- 845
0
votes
1
answer
3k
views
LDAP proxy (or pass-through) to another LDAP server
This is probably somewhat similar to Using a LDAP proxy to debug LDAP requests but the answer there is not really helpful.
I need to connect multiple services which run in a Docker swarm to an ...
- 123
7
votes
3
answers
3k
views
Does a domain joined Windows 10 computer have built-in tools to query AD/LDAP?
I'm on a domain joined Windows 10 Computer and want to query the attributes of my own user account. Are there any built-in tools for that?
It is not an admin computer and I don't have RSAT installed. ...
- 1,375
0
votes
1
answer
1k
views
Proxy auto login using domain credential
I am using pfSense with squid proxy, linked and configured with LDAP to my win server 2016.
Every user is allowed to navigate but I need to log urls based on username.
Proxy authentication popup works ...
- 1
0
votes
1
answer
1k
views
Setting up high availability LDAP authentication using FreeIPA
I am trying to setup pfSense LDAP authentication using FreeIPA master/replica nodes.
I was able to directly connect to the master LDAP server using the hostname/ip-address but when it goes down how ...
1
vote
0
answers
392
views
openssl connection issue to ldap server
I'm running following command in docker container(Ubuntu 20.04) :
openssl s_client -debug -connect ldap-server-name:3269 < /dev/null
most of the time, it returns :
CONNECTED(00000003)
write to ...
- 145
1
vote
1
answer
2k
views
OpenLDAP complains that the fields are not indexed
I am using OpenLDAP (slapd) v2.4.47 on Debian.
It complains in the following manner in the logfile (/var/log/debug)
slapd[1142]: conn=1508 op=4 SRCH base="cn=persons,cn=internal" scope=2 ...
- 386
0
votes
2
answers
1k
views
How can make simple bind the default for ldapsearch?
I have the following in my ~/.ldaprc:
uri ldaps://my.corporate.ldap.server.com
base DC=corp,DC=companyname,DC=com
bindn CN=Ruben,OU=Users,OU=companyname,OU=SE,OU=Resources,DC=corp,DC=companyname,DC=...
- 673
3
votes
1
answer
8k
views
ldapmodify insufficient access (50)
I'm trying to enable logging in an openldap (slapd) server. So I tried to execute:
$ ldapmodify -D cn=admin,dc=domain,dc=tld -W -H ldap:/// <<EOF
> dn: cn=config
> changetype:modify
&...
- 198
0
votes
1
answer
602
views
How to use scrypt or Argon for Openldap version < 2.4.5
I know that support for Argon2 was released with OpenLdap 2.4.5 according to this link https://bugs.openldap.org/show_bug.cgi?id=8575, but what if I want to use it with a previous version like 2.4.4 ...
fishermansoccer
5
votes
1
answer
19k
views
LDAP filter to search for a DN
LDAP filters are powerful but I can't figure out how to search an object based on DN. Already I have many filter that searches for objects but searching for a specific DN does not seem to be supported....
- 837
0
votes
0
answers
925
views
OPENLDAP - ldapwhoami not working binding securely, but other applications does
I tried adding TLS hard in slapd.conf but it says
unknown directive inside backend database definition.
Tying by CLI the command
ldapwhoami.exe -H ldap://myldap.company.com -v -D "uid=dds,ou=...
- 761
1
vote
1
answer
1k
views
ldap authorizedkeyscommand failed status 255
I have a user that can't login into one of our Centos7 boxes using his public key from the LDAP server.
The error message that sshd logs (DEBUG mode on) is error: AuthroizedKeysCommand /usr/libexec/...
- 159
0
votes
1
answer
121
views
LDAP Custom Attribute based from compare
I know that we can create new LDAP attributes and attach them to users.
What I am not able to find is if there a capability to create a new LDAP attribute which is the result of a subtraction between ...
- 1
0
votes
2
answers
513
views
POSIX group names: singular or plural?
I'm creating an LDAP structure, part of which, obviously, is group membership. Things such as vdi-user, vmware-user, etc.
When creating these groups, is it more proper to use singular or plural for ...
- 862
3
votes
1
answer
3k
views
How to use Apache Directory Studio with a proxy?
I want to connect to an LDAP server running on a server at ldap.subnet.example.com using Apache Directory Studio.
I am running Apache Directory Studio 2.0.0.v20200411-M15 with java-14-openjdk on ...
- 410
0
votes
1
answer
18k
views
How do I add PHP-LDAP to a Docker Container
I installed a MediaWiki on a Docker in CentOS 8. I want to integrate LDAP. I installed the LDAP extensions and activated it in the LocalSettings.php file. Now, when I try to login in my wiki I get ...
- 1
1
vote
0
answers
1k
views
notepad.exe connects to tcp/389
I have recently began noticing several computers in my corporate network exhibiting some unexpected behavior when opening .txt and .rtf documents from a UNC path hosted on my DC using notepad.exe.
In ...
- 11
2
votes
2
answers
5k
views
How to run systemd user service with multiple Unix groups? (LDAP provides group membership)
I have a systemd user service which needs to access a folder owned by a Unix group which is inside another folder owned by another Unix group. "Others" do not even have read access. The user ...
- 131
1
vote
0
answers
214
views
phpldapadmin not authenticating ldap service
I am getting the above error message I pretty sure I am giving correct Login DN and password
I want to know how can I troubleshoot and inspect what is going wrong where
both the containers are ...
- 165
2
votes
1
answer
543
views
Using a LDAP proxy to debug LDAP requests
I currently fail to configure an application using LDAP/ActiveDirectory properly. The application - from my point of view - is a black box. Therefore, I cannot see what goes wrong with the LDAP ...
- 243