none
LDAPS how do I connect?

    Question

  • I have enabled Secure LDAP, but I can't figure out how to connect.

    I tried using the Softerra ldap browser, but what ever I try I keep getting the supplied credential is invalid.

    Can some one give me a working example how to connect maybe a powershell script or something.

    Thanks,

    John


    John

    Saturday, April 22, 2017 12:57 PM

All replies

  • What exactly you are trying to perform? Are you trying to connect to the managed domain using secure LDAP over the internet?
    Could you share the snapshot of the error message? Conceal any sensitive information before sharing it. 

    You may also refer to the documentation on Configure Secure LDAP (LDAPS) for an Azure AD Domain Services managed domain.
    Sunday, April 23, 2017 12:39 PM
    Moderator
  • After some playing around I manager to get the ldap browser working. It was apparently some issue with the certificate. I hoped having this working I'd manage to get it working on a qnap. But it's not I'm afraid that it might requires some scheme changes to work. I now get the following error in log.smbd 2017/04/23 20:01:29.777312, 0] ../source3/passdb/pdb_ldap.c:6534(pdb_ldapsam_init_common) pdb_init_ldapsam: WARNING: Could not get domain info, nor add one to the domain. We cannot work reliably without it. [2017/04/23 20:01:29.777481, 0] ../source3/passdb/pdb_interface.c:179(make_pdb_method_name) pdb backend ldapsam:ldaps://aads.xxxx.com did not correctly init (error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO) Any ideas what might solve this?

    John

    Sunday, April 23, 2017 6:03 PM
  • Not sure if it is possible, but I'm looking to link it on Linux with nss_ldap.

    Apparently it looks for objectclass posixAccount by default, but I can't figure out if all required mappings are possible. Has anyone done this allready?


    John

    Monday, April 24, 2017 6:18 PM
  • For this, we would request you to create a Technical Support Ticket as our engineers would need to work with you on the issue and would require more details like your Subscription and/or Tenant details. This would be beyond the purview of the Forums Support.
    Tuesday, April 25, 2017 4:34 AM
    Moderator