I'm new with LDAP, and I'm having some problems binding/searching using a
gMSA. I also can't find anything useful online about how to do this. We
have some customers that want to change the account used for running
services to a gMSA, so I have tried to create a connection only using the
DN of the group managed service account. I've tried using
LDAPConnectionOptions with setBindWithDNRequiresPassword=true, and then
using a SimpleBindRequest with the gMSA DN and an empty password. The
binding seems to go ok, as I receive a result code='0 (success)', but
when I try to do a search, I get the following exception:
Exception in thread "main" LDAPException(resultCode=1 (operations error),
numEntries=0, numReferences=0, diagnosticMessage='000004DC: LdapErr:
DSID-0C090A5C, comment: In order to perform this operation a successful
bind must be completed on the connection., data 0, v4563 ',
ldapSDKVersion=6.0.1, revision=ca9bd061ccfdbf76247f8d6e011f1bc7f53eb520')
I've tried all sorts of stuff, but I can't seem to figure out how to do
this.
Hi.
I'm new with LDAP, and I'm having some problems binding/searching using a
gMSA. I also can't find anything useful online about how to do this. We
have some customers that want to change the account used for running
services to a gMSA, so I have tried to create a connection only using the
DN of the group managed service account. I've tried using
LDAPConnectionOptions with setBindWithDNRequiresPassword=true, and then
using a SimpleBindRequest with the gMSA DN and an empty password. The
binding seems to go ok, as I receive a result code='0 (success)', but
when I try to do a search, I get the following exception:
Exception in thread "main" LDAPException(resultCode=1 (operations error),
numEntries=0, numReferences=0, diagnosticMessage='000004DC: LdapErr:
DSID-0C090A5C, comment: In order to perform this operation a successful
bind must be completed on the connection., data 0, v4563 ',
ldapSDKVersion=6.0.1, revision=ca9bd061ccfdbf76247f8d6e011f1bc7f53eb520')
I've tried all sorts of stuff, but I can't seem to figure out how to do
this.