我遇到了一点问题。我设置了一个 ldap 服务器,我的 mac 客户端需要从该服务器获取用户,但是当我尝试在用户和组设置中添加服务器时,某些东西阻止它获取用户。我尝试运行 ldap 搜索:
ldapsearch -h fredericia -x -b "ou=People,dc=mosek,dc=intranet" 'uid=tomas'
# extended LDIF
#
# LDAPv3
# base <ou=People,dc=mosek,dc=intranet> with scope subtree
# filter: uid=tomas
# requesting: ALL
#
# Tomas Nielsen, People, mosek.intranet
dn: cn=Tomas Nielsen,ou=People,dc=mosek,dc=intranet
objectClass: sambaSamAccount
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
sambaDomainName: MOSEK.INTRANET
displayName: Tomas Nielsen
sambaPrimaryGroupSID: S-1-5-21-3478201071-2449328918-32663390-21005
sambaSID: S-1-5-21-3478201071-2449328918-32663390-21000
homeDirectory: /home/tomas
loginShell: /bin/bash
uid: tomas
cn: Tomas Nielsen
gidNumber: 10002
sn: Nielsen
givenName: Tomas
sambaNTPassword: xxxxxxxxxxxxxxxxxx (redacted)
sambaPasswordHistory: 00000000000000000000000000000000000000000000000000000000
00000000
sambaPwdLastSet: 1469779096
sambaAcctFlags: [XU ]
sambaHomePath: \\fredericia\tomas
uidNumber: 10005
sambaHomeDrive: Z:
sambaLogonScript: logon.bat
# search result
search: 2
result: 0 Success
# numResponses: 2
# numEntries: 1
但是当我尝试执行 ldapwhoami 时:
ldapwhoami -v -h fredericia -U tomas
ldap_initialize( ldap://fredericia )
SASL/DIGEST-MD5 authentication started
Please enter your password:
ldap_sasl_interactive_bind_s: Invalid credentials (49)
additional info: SASL(-13): user not found: no secret in database
为什么它可以在 ldap three 中找到用户,但不能执行 ldapwhoami?我确定输入了正确的密码。不知何故,mac 可以看到并与 ldap 服务器通信,只是发现它不会使用用户。
答案1
我发现错误
当我通过内置目录服务添加服务器时,我所需要做的就是将 ldap mappen 从“来自服务器”更改为“RFC2307”,然后它就可以完美运行了