White, David via FreeIPA-users wrote: > We have a IPA environment that has an existing trust with Active Directory. > > I'm trying to troubleshoot some things, and am trying to run a `ldapsearch` > against our IPA environment. > It keeps asking for an LDAP Bind password. > > 1. I know the Directory Admin password > 2. I know the local 'admin' password to get into the UI as the "admin" userĀ > 3. I know my own Active Directory password. > > None of these passwords are working. > > [root@cha-cop-lab-mgt-ath-001 whitedm]# ldapsearch -ZZ -H > ldap://ipa-hostname-001.lab.example.net -b > 'cn=compat,dc=fiberlab,dc=example,dc=net' -D 'cn=whitedm' -W > Enter LDAP Password: > ldap_bind: Invalid credentials (49) > > I recall setting up the LDAP password on the initial install of the IPA > software when these servers were first launched. > How can I reset this LDAP password? >
The format of the bind DN is incorrect. It is neither DM, admin or Administrator for one. I assume you are trying to bind as yourself? It would be something like -D 'uid=whitedm,cn=users,cn=accounts,dc=example,dc=net' For admin replace whitedm with admin. For DM use -D 'cn=Directory Manager' I'm not sure about binding as the AD Administrator, whether that would be useful at all. rob _______________________________________________ FreeIPA-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
