[Samba] How to use --simple-bind-dn in samba-tool

Andrew Bartlett abartlet at samba.org
Thu Aug 8 21:47:23 MDT 2013

On Fri, 2013-08-09 at 10:43 +0700, Olivier Nicole wrote:
> Thank's Andrew,
> > For the record, for other non-AD servers that don't do SASL and so can't
> > use -U, --simple-bind-dn takes a DN, so cn=admin,dc=example,dc=com might
> > be the admin DN on an OpenLDAP server.
> I tried:
>   samba-tool user setpassword tata --newpassword=Ghij-1919 -d 10 -H
> ldap://fbsd35.cs.ait.ac.th/
> --simple-bind-dn=cs=administrator,dc=cs,dc=ait,dc=ac,dc=th
> But it is still giving me the same error, so I suspect the DN is not correct.
> I could not find any documentation saying what the DN should be.

Perhaps I need to be clearer: 

DO NOT USE --simple-bind-dn against an AD server.  

USE -U administrator

Additionally, your DN above has a typo, cs=administrator rather than

Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Catalyst IT                   http://catalyst.net.nz

More information about the samba mailing list