9

I am trying to authenticate against our institutional LDAP server with the command ldapsearch. My user info in LDAP is shown in the following image:

screenshot of LDAP browser in Apache Directory Studio

I used this command below to search by my DN:

ldapsearch -x -H ldap://ldap.mdanderson.edu:389 -D "CN=Djiao,OU=Institution,OU=People" -b DC=mdanderson,DC=edu -w xxxyyyzzz

However I got the error:

ldap_bind: Invalid credentials (49)
    additional info: 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1

Something wrong with my command?

JonathanDavidArndt
Nasreddin

1 Answer

6

Your binddn is not the same one as in the screenshot; it should be CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu.

Your password could be wrong too ;-), but I assume you know best.

natxo asenjo
  • I tried the whole thing as DN for search first and that did not work. Then decided to break up the string. – Nasreddin Apr 20 '16 at 00:08
  • 2
    Error 49 is 'wrong password'. So either your binddn is wrong, or your password is wrong. Consult your IT staff at the uni – natxo asenjo Apr 20 '16 at 05:31
  • 2
    I changed the command to `ldapsearch -LLL -x -H ldap://ldap.mdanderson.edu -D CN=Djiao,OU=Institution,OU=People,DC=mdanderson,DC=edu -b DC=mdanderson,DC=edu -w xxxyyyzzz` and ran again. No error this time. But it prints out a bunch of stuff (> 70000 lines) and I can't even find my cn (djiao) in the output. At the end it says `Size limit exceeded (4)`. What does that mean? – Nasreddin Apr 20 '16 at 14:13
  • 1
    It means that you have requested the output of the whole LDAP tree, and that is what you got until the limit of the LDAP server. You need to filter the info, but that is out of the scope of this forum. Your problem here is solved: you could bind to the directory using your user/name combination – natxo asenjo Apr 20 '16 at 14:40
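
Added example, not part of the original question or answer: a small shell triage for the bind failure in this thread. It extracts the Active Directory sub-code from the `additional info` line and checks whether the bind DN ends in the search base. The function names are made up for this sketch, and the sub-code table lists commonly documented values.

```shell
#!/bin/sh
# Added example: triage an AD "ldap_bind: Invalid credentials (49)" reply.
# Function names are illustrative, not part of OpenLDAP.

# Pull the hex sub-code that follows "data " in the additional-info line.
ad_subcode() {
    printf '%s\n' "$1" |
        sed -n 's/.*AcceptSecurityContext error, data \([0-9A-Fa-f]*\),.*/\1/p' |
        tr 'A-F' 'a-f'
}

# Commonly documented meanings of the AD sub-codes.
ad_subcode_meaning() {
    case "$1" in
        525) echo "user not found" ;;
        52e) echo "invalid credentials (bad bind DN or password)" ;;
        530) echo "logon not permitted at this time" ;;
        531) echo "logon not permitted from this workstation" ;;
        532) echo "password expired" ;;
        533) echo "account disabled" ;;
        701) echo "account expired" ;;
        773) echo "user must reset password" ;;
        775) echo "account locked out" ;;
        *)   echo "unknown sub-code" ;;
    esac
}

# Heuristic: succeed when the bind DN ends in ",<base DN>" (case-insensitive).
# Assumes the account lives under the search base, as in this thread.
dn_under_base() {
    dn=$(printf '%s' "$1" | tr 'A-Z' 'a-z' | sed 's/, */,/g')
    base=$(printf '%s' "$2" | tr 'A-Z' 'a-z' | sed 's/, */,/g')
    case "$dn" in
        *,"$base") return 0 ;;
        *)         return 1 ;;
    esac
}

# args: bind_dn base_dn additional_info
triage_bind() {
    code=$(ad_subcode "$3")
    echo "sub-code ${code:-none}: $(ad_subcode_meaning "$code")"
    dn_under_base "$1" "$2" || echo "bind DN does not end in ,$2 (truncated?)"
}

# Values from the question above.
triage_bind "CN=Djiao,OU=Institution,OU=People" "DC=mdanderson,DC=edu" \
    "80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1"
```

Once the bind works, append a filter and attribute list such as `'(cn=Djiao)' cn` to the search so the server does not run into its size limit. Using `-W` (prompt) instead of `-w` keeps the password out of shell history and the process list.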