Well that looks like the ldap "BINDUSER" is not being specified correctly or does not have enough permissions. Read up on Openldap :-) Sean > On 2 January 2013 16:17, Noc Phibee Telecom <noc@xxxxxxxxxxxxxxxxxx> > wrote: >> >> Thanks, >> >> i have a error: >> >> # search result >> search: 2 >> result: 1 Operations error >> text: 000004DC: LdapErr: DSID-0C0906DD, comment: In order to perform this >> ope >> ration a successful bind must be completed on the connection., data 0, >> v1772 >> >> >> >> do you know this error ? >> >> >> >> Le 27/12/2012 16:28, Sean Boran a écrit : >> >>> ldapsearch -x -D >>> cn='BINDUSER,ou=SOMETHING,ou=SOMETHING,dc=mydomain,dc=net' -b >>> 'dc=mydomain,dc=net' '(cn=USERTOLOOKFOR)' -h ldap.mydomain.net -W >>> >>> >>> On 26 December 2012 14:56, Kinkie <gkinkie@xxxxxxxxx> wrote: >>>> >>>> Hi, >>>> Active Directory exposes LDAP APIs, so you should be able to use any >>>> LDAP browser, including the command-line ldapsearch utility. >>>> >>>> On Wed, Dec 26, 2012 at 2:43 PM, Noc Phibee Telecom >>>> <noc@xxxxxxxxxxxxxxxxxx> wrote: >>>>> >>>>> Le 26/12/2012 13:03, Kinkie a écrit : >>>>> >>>>>> On Dec 24, 2012 4:15 PM, "Noc Phibee Telecom" >>>>>> <noc@xxxxxxxxxxxxxxxxxx> >>>>>> wrote: >>>>>>> >>>>>>> Hi >>>>>>> >>>>>>> If i want change my authentication process from NTLM/Samba to >>>>>>> Kerberos, >>>>>>> what is the process for add a group check ? >>>>>>> >>>>>>> Actually i use wbinfo_group.pl, but in kerberos, i can't start >>>>>>> winbind >>>>>>> process. >>>>>>> what is the solution ? >>>>>> >>>>>> Hi, >>>>>> You should be able to use the LDAP-based group authorization >>>>>> helper >>>>>> against Active Directory. >>>>>> >>>>>> >>>>> Thanks for your answer. >>>>> >>>>> do you know the process for browse the active directory on linux ? >>>>> >>>>> best regards >>>>> Jerome >>>>> >>>> >>>> >>>> -- >>>> /kinkie >>> >>> >> >
