20

Here is my LDAP ORG Structure:

LDAP ORG Structure

I created user with first, last name with password. But it is not working when am trying to connect using jdbc. Error says invalid credentials. Then I tried ldapsearch as follows:

I followed this process for users and group creation: 

root@ip:/home# ldapwhoami
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
    additional info: SASL(-13): user not found: no secret in database

root@ip:/# ldapsearch -x -LLL -h ip -D username -w password -b"cn=admin,dc=ivhdev,dc=local" -s sub "(objectClass=*)" "givenName=username*"
ldap_bind: Invalid DN syntax (34)
    additional info: invalid DN

Please suggest/correct me, if am passing the right info in DN syntax. I am unable to validate the user credentials with their name and password.

codeforester
  • 39,467
  • 16
  • 112
  • 140
jack
  • 209
  • 1
  • 2
  • 3

2 Answers2

21

The -D option takes the DN for logging in to your LDAP server.

The -b option takes the search base in your LDAP tree where you want to search for the user's given name.

So, your ldapsearch command becomes:

ldapsearch -x -LLL -h ip -D 'cn=admin,dc=ivhdev,dc=local' -w password -b 'dc=users,dc=local' -s sub '(objectClass=*)' 'givenName=username*'
codeforester
  • 39,467
  • 16
  • 112
  • 140
anacron
  • 6,443
  • 2
  • 26
  • 31
  • it worked, how do i validate the user with password is correct using the command. – jack Mar 17 '17 at 13:56
  • If you want to validate the same user's credentials simply replace the admin credentials with the user's credentials un the above command. It should work. – anacron Mar 18 '17 at 03:16
  • worked for me but I had to put to all the user info in -D. example `CN=Lastname\, Firstname M (username),OU=Integration,OU=Corp Ops Engin_Tech,OU=Corporate,OU=Accounts,OU=SPECTR,DC=corp,DC=companycom,DC=com` – Joe Jadamec Jan 08 '19 at 23:21
4

If you use the Apache Directory Studio (http://directory.apache.org/studio/) you can see the actual ldapsearch commands used by the application. Maybe this is useful for anyone.

aemaem
  • 935
  • 10
  • 20