[Samba] LDAP query to Samba AD DC
Rowland Penny
rpenny at samba.org
Fri Dec 16 08:30:02 UTC 2022
On 15/12/2022 23:09, Nicolas Canonne via samba wrote:
>
> Le 16/12/2022 à 02:28, Yang Yang via samba a écrit :
>> Hello,
>>
>> When Samba is set up as an Active Directory Domain Controller, can it
>> response to LDAP queries?
>>
>> I set up Samba as an Active Directory Domain Controller, following
>> guide in samba wiki
>> <https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller> , and I can add Windows machines and login with samba users, as expected. However, when I tried LDAP query to any base DN, the answer had always been “No such object”.
>>
>> Does Samba as an Active Directory Domain Controller support LDAP
>> queries? Is there something else I shall do to make it work?
> On a DC itself that uses smb.domain.ext , I use something like :
>
> server at dc1:~$ sudo ldapsearch -ZZ -H ldap://dc1.smb.domain.ext:389 -b
> 'DC=smb,DC=domain,DC=ext' -D 'SMB\Administrator' -w 'mysecretadminpassword'
>
> It tells to use TLS (required)
>
I never search Samba ldap using ldapsearch, I use ldbsearch with the
machine password:
sudo ldbsearch -H ldap://rpidc1 -b 'dc=samdom,dc=example,dc=com' -P
That is more secure than ldaps
Rowland
More information about the samba
mailing list