[Ltb-users] Active directory Password

MEKLAT Jonathan jonathan.meklat at effitic.com
Fri May 20 10:40:37 CEST 2011


Thank you for your answer.

 

I check and it don’t work.

 

Here is my ldap settings :

$ldap_url = "ldaps://domainsrv.domain.local:636";

$ldap_binddn = "cn=Jonathan Meklat,ou=utilisateurs,dc=domain,dc=local";

$ldap_bindpw = "******";

$ldap_base = "ou=utilisateurs,dc=domain,dc=local";

$ldap_filter = "(&(objectCategory=user)(sAMAccountName={login}))";

 

You will find my ldap.conf in attachment.

 

Here now the error message :

 



 

The password is refused.

 

Regards,

 

Jonathan MEKLAT

Informatique Interne

 

cid:image008.png at 01CA4C2A.7EA37760

 

/ 19, Rue du Général FOY 75008 PARIS/

/ t +33 (0) 1 58 22 81 40 / f +33 (0) 1 45 22 12 95/ interne 3181

/ gsm +33 (0)6 85 43 09 54 /

/ e  <mailto:informatique.interne at effitic.com>
informatique.interne at effitic.com/

/ e  <mailto:jonathan.meklat at effitic.com> jonathan.meklat at effitic.com/

/  <http://www.effitic.com/> www.effitic.com /

 

cid:image009.png at 01CA4C2A.7EA37760 Adoptez l'éco-attitude.
N'imprimez ce mail que si c'est vraiment nécessaire

 

De : admin [mailto:admin at webmerchantsinc.com] 
Envoyé : vendredi 20 mai 2011 10:23
À : MEKLAT Jonathan
Cc : ltb-users at lists.ltb-project.org
Objet : Re: [Ltb-users] Active directory Password

 

Hello Jonathan,
This is my ldap settings in : 
config.inc.php

$ldap_url =  <ldaps://pdc.mydomain.com:636> "ldaps://pdc.mydomain.com:636";
$ldap_binddn = "CN=passwordchanger,OU=Staff.com,DC=MYDOMAIN,DC=com";
$ldap_bindpw = "******";
$ldap_base = "dc=MYDOMAIN,dc=COM";
$ldap_filter = "(&(objectClass=user)(sAMAccountName={login}))";

Also, try to test with this option:
nano /etc/ldap/ldap.conf
TLS_REQCERT allow

On 5/20/2011 11:10 AM, MEKLAT Jonathan wrote: 

Hello all,

I try to set up the solution Self-service Password with an Active Directory
but I meet problems.
I believed to understand that it was necessary to be in
LDAPS://servername:(636) to be able to change the password with the
application.

It is there that appears my problem given that I can't change the active
directory password.
Logins is found well but the change of password is made and several errors
generate.

I installed a certificate of security on the controller of domain to allow
the connection ldaps, but it's not possible since my server accommodating
Self-service Password.

I use Debian 5.

Would you have a complete procedure to set up this solution with active
directory please?

Thank you by advance

PS : Errors:

Warning: ldap_connect() [ <http://10.1.0.247/password/function.ldap-connect>
function.ldap-connect]: Could not create session handle: Bad parameter to an
ldap routine in/var/www/password/pages/change.php on line 62
Warning: ldap_set_option(): supplied argument is not a valid ldap link
resource in /var/www/password/pages/change.php on line 63
Warning: ldap_set_option(): supplied argument is not a valid ldap link
resource in /var/www/password/pages/change.php on line 64
Warning: ldap_bind() expects parameter 1 to be resource, boolean given in
/var/www/password/pages/change.php on line 68
Warning: ldap_errno(): supplied argument is not a valid ldap link resource
in /var/www/password/pages/change.php on line 73
Warning: ldap_search(): supplied argument is not a valid ldap link resource
in /var/www/password/pages/change.php on line 81
Warning: ldap_errno(): supplied argument is not a valid ldap link resource
in /var/www/password/pages/change.php on line 83
Warning: ldap_first_entry(): supplied argument is not a valid ldap link
resource in /var/www/password/pages/change.php on line 90
Warning: ldap_get_dn(): supplied argument is not a valid ldap link resource
in /var/www/password/pages/change.php on line 91

Regards,

Jonathan MEKLAT
cid:image008.png at 01CA4C2A.7EA37760
/ 19, Rue du Général FOY 75008 PARIS/
/ t +33 (0) 1 58 22 81 40 / f +33 (0) 1 45 22 12 95/ interne 3181
/ gsm +33 (0)6 85 43 09 54 /
/ e  <mailto:informatique.interne at effitic.com>
informatique.interne at effitic.com/
/ e  <mailto:jonathan.meklat at effitic.com> jonathan.meklat at effitic.com/

/  <http://www.effitic.com/> www.effitic.com /

 

cid:image009.png at 01CA4C2A.7EA37760 Adoptez l'éco-attitude.
N'imprimez ce mail que si c'est vraiment nécessaire

 

 
 
_______________________________________________
ltb-users mailing list
ltb-users at lists.ltb-project.org
http://lists.ltb-project.org/listinfo/ltb-users

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20110520/1c9a8c9d/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 6376 bytes
Desc: not available
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20110520/1c9a8c9d/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 1547 bytes
Desc: not available
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20110520/1c9a8c9d/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 78455 bytes
Desc: not available
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20110520/1c9a8c9d/attachment-0005.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ldap.conf
Type: application/octet-stream
Size: 175 bytes
Desc: not available
URL: <http://lists.ltb-project.org/pipermail/ltb-users/attachments/20110520/1c9a8c9d/attachment-0001.obj>


More information about the ltb-users mailing list