
Thread: [SOLVED] LDAP question???

  1. #1
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default [SOLVED] LDAP question???

    Hello,
    Little help please. I am trying to find a CLI command that would use a user's username and password and check whether that user (with that password) exists in my Zimbra system. I used the ldapsearch command ( ldapsearch -h 1.2.3.4 -xZZ uid=joe ) and got the answer, but I need a command (or some other way) to give a user name and password (both are mandatory) and to receive a similar answer.

    Thanks for your effort

    Kostres

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    You're not going to be able to do that as the passwords are encrypted.
    Regards


    Bill



  3. #3
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default trouble...

    Thanks Bill.

    Is there any other way?? I need this because I want to auth. users on my system and then to allow them to use another system. Any ideas how to solve this ???

    Kostres

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    You might want to take a look at preauth.
    Regards


    Bill



  5. #5
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default trouble, again...

    "Preauth stands for pre-authentication, and is a mechanism to enable a trusted third party to "vouch" for a user's identity. For example, if a user has already signed into a portal and wants to enter the mail application, they should not have to be prompted again for their password. "

    This is almost it! Thing is that I am that third party and I am the system that has to "vouch" for the user's identity. I work for a faculty and one site is giving free access to our students. Their site has the ability to ask our site whether the guy who is trying to log in is our student. I have to "vouch" for him somehow.

    Thanks Bill
    Kostres

  6. #6
    ldapguru is offline Starter Member
    Join Date
    May 2009
    Posts
    1
    Rep Power
    5

    Default ldapsearch bind as

    Use -D <dn> -w <pwd> to bind to the directory server, for example:

    ldapsearch -D 'cn=username,dc=example,dc=com' -w changeme

  7. #7
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default not working...

    command:
    ldapsearch -h 111.222.33.44 -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password
    returned:
    SASL/GSSAPI authentication started
    ldap_sasl_interactive_bind_s: Local error (-2)
    additional info: SASL (-1): generic failure: GSSAPI Error: Miscellaneous failure (see text) .... no such file or directory...


    This just isn't working (or I should be a politician, instead of sysadmin)

    Thanks
    Kostres

  8. #8
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,196
    Rep Power
    9

    Default

    Quote, originally posted by kostres:
        command:
        ldapsearch -h 111.222.33.44 -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password

    You are missing the -x option.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc

  9. #9
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default

    Quote, originally posted by quanah:
        You are missing the -x option.

    Now I got: ldap_bind "Invalid credentials (49)" error message.

    command:
    ldapsearch -h 111.222.33.44 -x -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password
    should work because I use that username and pass to read my mail every day.

    So far the only command that worked is: ldapsearch -h 111.222.33.44 -xZZ uid=joe .

    Thanks for your effort...

  10. #10
    kostres is offline Member
    Join Date
    May 2009
    Posts
    13
    Rep Power
    5

    Default Some progress made..... !!

    I used the following command:
    ldapsearch -h 111.111.222.333 -x -D 'uid=joe,ou=people,dc=this,dc=is,dc=my,dc=domain,dc=com' -w joes_pass

    and the server printed out all 5000 users on screen! Now that is almost what I need... Now is there a way to filter this?? It is enough if it returns true or false or just a few lines with joe's data???

    Thanks Kostres
    Last edited by kostres; 05-17-2009 at 10:38 AM.
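
Added example, not part of the original thread: the command in post #10 binds successfully but gives no search base or filter, so the result is not limited to one user. The sketch below scopes the search to the binding user's own entry and reduces the outcome to an exit status; `LDAP_URI`, `PEOPLE_BASE` and the function names are assumptions, and it uses the URI form `-H` where the thread uses `-h`.

```shell
#!/bin/sh
# Added example: verify one user's credentials with an LDAP simple bind.
# LDAP_URI and PEOPLE_BASE are assumed values; set them for your directory.
LDAP_URI="${LDAP_URI:-ldap://ldap.example.com}"
PEOPLE_BASE="${PEOPLE_BASE:-ou=people,dc=example,dc=com}"

# Build the bind DN. Only characters that need no DN escaping are accepted,
# so a crafted username cannot change which entry is bound.
build_dn() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    printf 'uid=%s,%s' "$1" "$PEOPLE_BASE"
}

# Exit status: 0 = credentials accepted, 1 = bind or search failed,
#              2 = input refused locally (nothing sent to the server).
check_credentials() {
    user=$1
    pass=$2
    dn=$(build_dn "$user") || return 2

    # A DN with an empty password is an "unauthenticated bind" (RFC 4513),
    # which a server may report as success. Never forward it.
    [ -n "$pass" ] || return 2

    # Hand the password over in a private temp file (-y) instead of -w,
    # so it does not show up in the process list. No trailing newline:
    # -y uses the whole file content as the password.
    pwfile=$(mktemp) || return 2
    printf '%s' "$pass" > "$pwfile"

    # -x   simple bind (the fix from post #8)
    # -ZZ  require StartTLS so the password is not sent in clear text
    # -b "$dn" -s base  look only at the user's own entry, not the whole tree
    # uid  return a single attribute instead of the full entry
    ldapsearch -x -ZZ -H "$LDAP_URI" -D "$dn" -y "$pwfile" \
        -b "$dn" -s base -LLL '(objectClass=*)' uid >/dev/null 2>&1
    rc=$?

    rm -f "$pwfile"
    [ "$rc" -eq 0 ] && return 0
    return 1
}
```

Call it as `check_credentials joe "$password"` and branch on the exit status; dropping the `>/dev/null` redirection prints the few lines of the user's own entry instead.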
