ldapsearch -xLLL -H ldap://dbduvdu145.dbr.roche.com -D "cn=directory manager" -W uid=asteinfeld \* krbPwdLockoutDuration ? Enter LDAP Password: ldap_bind: Invalid credentials (49)
I know this user password because I reset it for the purpose of troubleshooting this issue with that account. I also get the same response when I use the admin account of my own account. -----Original Message----- From: Rich Megginson [mailto:[email protected]] Sent: Wednesday, October 17, 2012 1:15 PM To: Macklin, Jason {DASB~Branford} Cc: [email protected]; [email protected] Subject: Re: [Freeipa-users] Sudo works for full access, but not on a per command or host level. On 10/17/2012 11:13 AM, Macklin, Jason wrote: > None of my users have an LDAP password being requested by running that > command (except the admin user). > > Does each user account require an ldap account to go along with their login > account? I just get the following over and over no matter which account I > switch in the command... > > [jmacklin@dbduwdu062 Desktop]$ ldapsearch -xLLL -D "cn=directory manager" -W > uid=admin \* krbPwdLockoutDuration ? > Enter LDAP Password: > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) > [jmacklin@dbduwdu062 Desktop]$ ldapsearch -xLLL -D "cn=directory manager" -W > uid=asteinfeld \* krbPwdLockoutDuration ? > Enter LDAP Password: > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) > [jmacklin@dbduwdu062 Desktop]$ ldapsearch -xLLL -D "cn=directory manager" -W > uid=jmacklin \* krbPwdLockoutDuration ? > Enter LDAP Password: > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) You have to specify which server to talk to using the -H ldap://fqdn.of.host option. _______________________________________________ Freeipa-users mailing list [email protected] https://www.redhat.com/mailman/listinfo/freeipa-users
