| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
05-12-2009, 10:18 AM
| | |  [SOLVED] LDAP question???
Hello,
Little help please. I’ am trying to find a CLI command that would use users username and password and check weather that user (with that password) exists in my Zimbra system. I used the ldapserach command ( ldapsearch –h 1.2.3.4 –xZZ uid=joe ) and got the answer, but I need a command (or some other way) to give a user name and password (both are mandatory) and to receive similar answer.
Thanks for your effort
Kostres |
05-12-2009, 10:29 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
You're not going to be able to do that as the passwords are encrypted.
__________________
Regards
Bill
|
05-12-2009, 11:57 AM
| | | trouble...
Thanks Bill.
Is there any other way?? I need this because I want to auth. users on my sistem and then to allow them to use another system. Any ideas how to solve this ???
Kostres |
05-12-2009, 12:20 PM
| | Zimbra Consultant & Moderator | |
Posts: 20,313
| |
You might want to take a look at preauth.
__________________
Regards
Bill
|
05-12-2009, 01:38 PM
| | | trouble, again...
"Preauth stands for pre-authentication, and is a mechanism to enable a trusted third party to "vouch" for a user's identity. For example, if a user has already signed into a portal and wants to enter the mail application, they should not have to be prompted again for their password. "
This is almost it! Thing is that I' am that third party  and I'am the system that has to "vouch" for users identity. I work for faculty and one site is giveing free access to our students. Their site has ability to ask our site weather is the guy who is trying to log in our student. I have to "vouch" for him somehow.
Thanks Bill
Kostres |
05-13-2009, 04:02 AM
| | | ldapsearch bind as
Use -D <dn> -w <pwd> to bind to the directory server, for example:
ldapsearch -D 'cn=username,dc=example,dc=com' -w changeme |
05-13-2009, 05:59 AM
| | | not working...
command: ldapsearch -h 111.222.33.44 -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password
returned: SASL/GSSAPI authentcation started
ldap_sasl_interactive_bind_s: Local error (-2)
aditional info: SASL (-1): generic failure: GSSAPI Error: Miscellananeous failure (see text) .... no such file or directory...
This just isn't working (or I' should be a politician, instead of sysadmin) 
Thanks
Kostres |
05-13-2009, 02:55 PM
| | Zimbra Employee | |
Posts: 580
| |
Quote:
Originally Posted by kostres  command:
ldapsearch -h 111.222.33.44 -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password | You are missing the -x option.
__________________
Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
--------------------
Zimbra :: the leader in open source messaging and collaboration
|
05-15-2009, 12:35 AM
| | |
Quote:
Originally Posted by quanah You are missing the -x option. | Now i got: ldap_bind "Invalid credentials (49)" error message.
command:
ldapsearch -h 111.222.33.44 -x -D 'cn=joe,dc=my,dc=domain,dc=com' -w joes_password
should work because I use that username and pass to read my mail every day.
So far only command that worked is: ldapsearch –h 111.222.33.44 –xZZ uid=joe .
Thanks for your effort... |
05-15-2009, 04:41 AM
| | | Some progress made..... !!
I used the following command:
ldapsearch -h 111.111.222.333 -x -D 'uid=joe,ou=people,dc=this,dc=is,dc=my,dc=domain,dc=com' -w joes_pass
and server printed out all 5000 users on screen! Now that is almost what I need... Now is there a way to filter this?? It is enough if it returns true or false or just few lines with joe's data???
Thanks Kostres
Last edited by kostres; 05-17-2009 at 10:38 AM..
| | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
