[Samba] ldbsearch returning NT_STATUS_INVALID_PARAMETER
Andrew Bartlett
abartlet at samba.org
Sun Nov 4 20:34:19 MST 2012
On Wed, 2012-10-31 at 19:51 +0000, Bethel, Zach wrote:
> I have a Samba DC connected to two Windows 2008 R2 DC's. On the Samba machine, if I run `ldbsearch -H ldaps://*SAMBA-DC-IP* -U administrator`
>
> It asks for my password and then works great. I can use any domain user and this works. However, if I instead run:
>
> `ldbsearch -H ldaps://10.120.160.12 -k1 --krb5-ccache=/tmp/krb5cc_0`
>
> I get this:
>
> Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER
> Failed to connect to '...' with backend 'ldaps': (null)
> Failed to connect to ... - (null)
>
> This happens regardless of whether or not the ticket exists at /tmp/krb5cc_0 (I can run kinit to create it and kdestroy to remove it). It's not the most useful error message...and strace isn't turning up anything interesting.
>
> Any ideas?
Kerberos requires a name for the target (all entries in the KDC are
indexed by name), so we fail if presented with an IP address.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the samba
mailing list