[Samba] Progress - Re: openLDAP access problem - Re: How do I list computers in the domain

[Rowland Penny]

On 18/09/15 19:31, Robert Moskowitz wrote:
>
>
> On 09/18/2015 01:35 PM, Rowland Penny wrote:
>> On 18/09/15 18:00, Robert Moskowitz wrote:
>>>
>>>
>>> On 09/18/2015 11:34 AM, Rowland Penny wrote:
>>>> On 18/09/15 16:15, Robert Moskowitz wrote:
>>>>> # ldapsearch -h homebase.home.htt -b "dc=home,dc=htt" -D 
>>>>> "cn=manager,ou=internal,dc=home,dc=htt" -s sub 
>>>>> "objectclass=GroupOfNames" -x -w m...
>>>>> ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
>>>>
>>>> OK, try this:
>>>>
>>>> ldapsearch -H ldap://homebase.home.htt -b "dc=home,dc=htt" -s sub 
>>>> -D "cn=manager,ou=internal,dc=home,dc=htt" 
>>>> "objectclass=GroupOfNames" -x -w "m..."
>>>>
>>>> A similar search works against one of my AD DCs
>>>
>>> No dice.  Took a bit to figure out how ClearOS forum works to ask a 
>>> question there.  Will see what I learn there.
>>>
>>>
>>>
>>
>> Hmm, I wonder if this is your problem, you posted earlier that the 
>> ldap_user_dn was:
>>
>> cn=manager,ou=Internal,dc=home,dc=htt
>>
>> and you are using : "cn=manager,ou=internal,dc=home,dc=htt"
>>
>> i.e. you are using a lowercase 'i' whereas the OU starts with an 
>> uppercase 'I'
>
> I was told that ClearOS is configured to use ldaps:// for network 
> access; it only uses ldap for internal access.
>
> So instead of '-h localhost', I needed '-H ldaps://<ipaddr>' and it 
> worked.
>
> So next step is to set up the files on the samba AD so that 
> classicupdate will be able to access the ClearOS ldap....
>
>

Damn, I should have realised that, it is using port 636 instead of the 
standard 389 port, anyway, at least you are moving forward.

Rowland