Unable to fetch search results from OpenLdap
I am trying to fetch all results from OpenLdap for the below search query, but I get zero results. My java and Spring Boot code: `LdapQuery query = query().base("cn=Devices,cn=DICOM Configuration,dc=dcm4che,dc=org").where("objectClass").is("*"); List<String> results = ldapTemplate.search(query, (Attributes attrs) -> attrs.toString());` Below I have posted the screenshot of my OpenLdap structure: I have tried many different combinations for fetching results, but none have returned any results....
it is, see here http://ldapadmin.org/docs/introduction.html
When I add a new user and type firstname and secondname, the displayname defaults to secondname, firstname. Is it possible for the user to reconfigure this for firstname secondname instead?
Could be a bug, I would need to do more research, can't promise at the moment. I've been tied up in other projects for a few years now and my "off the top of my head" knowledge is slowly evaporating ;-)
Yes, as far as I know there have been no complaints so far. And, since LdapAdmin is using the Windows API, there is no reason for it not to work with new versions. But I have only tested it myself on Windows 2012.
Please tell me. Does it work with Windows Server 2016/2019?
Hi, I have an OpenLDAP with Kerberos working. If I use ldapsearch from a Linux client everything works as expected with the GSSAPI or GSS-SPNEGO mech. With ldapadmin on Windows 10 I got "SASL (-13) authentication failure GSSAPI failure: gss_accept_sec_context". The client always tries "mech=GSS-SPNEGO" even if I select "GSSAPI". The debug log shows "GSS-SPNEGO (NTLMSSP)". I use the same user with Kerberos on Linux and Windows.
How does your config look compared to others? Particularly BaseDN
Hi, I have access to my AD and browse it fully with LDAPAdmin with all my users except 1 and I don't understand why. I will name it Paul. To be precise, I can log in with my user Paul but I don't see my entire AD; I can just see my CN=Configuration and that's it. My user Paul has the same privileges as the other users. At least, it seems so to me. Almost all my AD has the READ option for the authenticated user. Have you got an idea of what I am missing? Thank you. I'm not fluent in English so I hope...
It's "resolved". Kinda. So I exported the config on the desktop and imported everything in the laptop. And I got the storage-error. But when I make a new entry, it's perfectly possible to fill in and store the credentials. So it's more an export/import issue. Short term solution is recreating all entries by hand. This topic can be closed.
Sorry for the double post. This is the link to the topic: https://sourceforge.net/p/ldapadmin/discussion/305549/thread/e98a4e082c/
Why o why does my new laptop not want to store Ldap Admin passwords? I've got a W10 desktop pc and on that one it's perfectly possible. But now I installed Ldap Admin on my new Windows 10 21H2 laptop and I can't store passwords. I've got this message "This storage can not store passwords". According to the documentation the passwords should be written in my registry. Google doesn't give any results (which is strange in itself). Anybody got a suggestion? Or a solution? cheers, Paul
Hi Tihomir, I too get the same error, even as running as admin. Have you ever looked into this? Thanks!
https://linexp.ru/frontends-ldap/ldapadmin.html
Solved. The problem is called Windows 7. No problem on Windows 10. Something in crypto is missing on W7.
Hi, I can not connect via ssl (636) to OpenLDAP server with 2048b key. I use FQDN in connection properties, the server certificate is issued for the same FQDN, I have root CA certificate in Windows root CA certificate store, there is no firewall on the path. The same client (LDAP Admin on Win7 Pro) has no problem to connect to 389 port on the same server and no problem connecting via ssl (636) to another OpenLDAP server with older key/certificate. How can I set LDAP Admin to save debug log to see...
We have a legacy app written in Delphi 5 that needs to be able to authenticate against LDAPS (port 636). Until now we've used calls either to IPWorks8 or to ActiveDS.dll (via the Jedi project) but neither of them are working with LDAPS, and with the significant age of the app (more than 15 years old) finding reliable libraries or header ports (Jedi) is difficult. Could LDAP Admin be linked into a Delphi 5 app to provide User Authentication? If not, then how could an old app like this connect securely...
I'm using Delphi 10.3 Community Edition. I fixed the compile error by adding a cast to the second arg in line 417. My Version: PutLine('dn', PBytes(@Entry.utf8dn[1]), Length(Entry.utf8dn));
Hi, Our ActiveDirectory is quite large and often, when searching I would get a timeout. I'd like to increase the timeout value to e.g. 5min, but I don't see an option to do that anywhere. Would you be able to add one? Thanks so much.
Which Delphi-Version
yes
Is it possible to manage Active Directory accounts and groups with LDAP Admin ?
I have deployed a docker openldap container; when creating this container it has a default admin account which I can specify. I am able to create OUs and Groups. However, when I try to add a user inside the group, the "New" option is greyed out. When I use phpldapadmin I am able to create a posix user account which reflects successfully in LDAP Admin. Can anyone explain to me why this option is greyed out? Thanks!
I try to use openldap api to query 1 item from LDAP server, it will use 0.6s, but I find that LDAP Admin is faster than openldap api, almost 100items/ per 0.6s, why? do you have some cache also? Thanks!
int main(int argc, char *argv[]) { LDAP *ld; char *dn; int version, rc; const char *root_dn = "cn=ldapadm,dc=extreme3,dc=com"; char *root_pass = "Password123!"; printf("Connecting %s in port %d...\n\n", HOSTNAME, PORTNUMBER); rc = ldap_initialize(&ld, HOSTNAME); if ( rc != LDAP_SUCCESS ) { printf("Error !"); } version = LDAP_VERSION3; ldap_set_option(ld, LDAP_OPT_PROTOCOL_VERSION, &version); printf("Bind!\n"); rc = ldap_simple_bind_s(ld, root_dn, root_pass); if (rc != LDAP_SUCCESS) { fprintf(stderr,...
Okay, new version, new options. DN is now delimited by " ". That's OK.
Export dsv
I think you should go to search - on Tab Options you can select your Attributes (like givenName, sAMAccountName, ...) and search. Report can be saved. I did not try commandline right now...
I'm looking for the same as well. Regards Jellyfish Technologies
Searchdialog Edit: DN-Syntaxerror from values with commas
How to generate a LDAP report containing details about username, status, hosts, sudo? Can anyone help? I'm using LDAP admin version 1.6.0.0
When I try to log in with my admin account, I get this error: Unrecognized error number: 8192: Function mcrypt_module_open() is deprecated I have disabled anonymous logins so I am unable to browse.
Unable to modify when more than 255 char or so
Search by account name
Hi, I'm looking for help creating a couple of templates. One would be a "groupOfEntries" and I would like to have a listbox like the Members control from "Group of unique names" but it would let me choose organizations instead of users. Second, I would like to create a template for the "organization". Thank you!
LDAP error: Unavailable!
Compilation error in Ldif.pas file
GTZ DateTime on AD write issues
I'm having problems authenticating CentOS 7 clients to my CentOS 6 LDAP Server. CentOS 6 clients have no problems authenticating. Here are what I believe are the relevant errors from the logs: nslcd: [8b4567] <passwd="myaccount"> ldap_start_tls_s() failed (uri=ldap://myhost.lan/): Connect error nslcd: [8b4567] <passwd="myaccount"> failed to bind to LDAP server ldap://myhost.lan/: Connect error systemctl status nscld [root@ldap.client ~]# systemctl status nslcd nslcd.service - Naming services LDAP...
I'm having problems authenticating CentOS 7 clients to my CentOS 6 LDAP Server. CentOS 6 clients have no problems authenticating. Here are what I believe are the relevant errors from the logs: nslcd: [8b4567] <passwd="myaccount"> ldap_start_tls_s() failed (uri=ldap://myhost.lan/): Connect error nslcd: [8b4567] <passwd="myaccount"> failed to bind to LDAP server ldap://myhost.lan/: Connect error systemctl status nscld [root@ap26-int ~]# systemctl status nslcd nslcd.service - Naming services LDAP client...
I'm having problems authenticating CentOS 7 clients to my CentOS 6 LDAP Server. CentOS 6 clients have no problems authenticating. Here are what I believe are the relevant errors from the logs: nslcd: [8b4567] <passwd="myaccount"> ldap_start_tls_s() failed (uri=ldap://myhost.lan/): Connect error nslcd: [8b4567] <passwd="myaccount"> failed to bind to LDAP server ldap://myhost.lan/: Connect error However, from the client, I have full access to port 389 on the LDAP server. SELinux is off and disabled....
Support SSHA
I would like to ask if LDAP compare could be added. We are in the process of moving from a 2008 R2 Domain to a 2016 Domain. It would be extremely nice to compare "ldap:\server1.domain2008.local" with "ldap:\server1.domain2016.local". I cannot find any software that does this in a GUI in Windows. Closest I have found is this software "LDAP Admin" which will let me connect to both domains as TABs but then you have to click back and forth to see if all the information is on both domains. Very difficult....
olcAccess modify limited to 255 chars
Change Password creates duplicate userPassword attribute
Login to SAMBA4 domain via GSS-API was successful with following settings: base: DC=mydomain,DC=example,DC=com username: administrator But I'm heavily struggling to authenticate via simple authentication with SSL or TLS. I tried all combinations I could think of in 'username' field, but did not change the 'base' entry. Normally I would think that the same user as above (administrator) should be able to browse the directory, but also tried other users. Can somebody help me out with a working setup?...
Hello Tihomir, thank you very much for getting back to me. I will try again with paged search switched off and will report my findings. Regards, Michael On 04/03/2018 15:22, Tihomir Karlovic wrote: Hi, It seems that I may have encountered this before, I just forgot about it :-) Please see this thread https://sourceforge.net/p/ldapadmin/discussion/305548/thread/7cf32bec/?limit=25 Let me know if this is the same problem. Best regards, Tihomir [bugs:#47] https://sourceforge.net/p/ldapadmin/bugs/47/ infinite...
Hi, It seems that I may have encountered this before, I just forgot about it :-) Please see this thread https://sourceforge.net/p/ldapadmin/discussion/305548/thread/7cf32bec/?limit=25 Let me know if this is the same problem. Best regards, Tihomir
TLS1.2 support
Hi Xanti, did you check the documentation page: http://ldapadmin.org/docs/scripts.html ? You can use Session.Search to get the list of entries that you want to modify. Then loop through the list and access attributes with attributesByName['attributeName'] to access attribute and its values. Best regards, Tihomir
Hi, Any chance to look into my question?
Hi Tihomir, Thanks for the reply. An example of a template to do so would be much appreciated. Regards, Xanti
Hi, Yes please. Regards, Xanti
Ok, this is a problem that v1.7 used the copy/delete method to move objects and v1.8 detects if the server is V3 and then uses server control. I will have to add some additional checks or a manual override possibility.
UTF-8 does not require BOM, but LdapAdmin requires it. https://sourceforge.net/p/ldapadmin/discussion/305548/thread/22f32828/
Hi Not a problem, exporting to .csv instead of .ldif works perfectly. Cheers
Sorry Bill, this is question for the OpenLdap community, I don't know this. Tihomir
We recently added "loglevel 256" to our slapd.conf file. The messages written to the associated log file show a timestamp in hex format. How do I change the format of the timestamp written to log file messages? From ldap.log: 5a0dab8e conn=1004 op=1 RESULT tag=97 err=0 text= Hex time 5a0dab8e is equivalent to GMT: Thursday, November 16, 2017 3:15:26 PM. Thank you, Bill
This is very strange, did you resolve this?
I am running LDAP Admin tool as Administrator, I still see this error.
Hi, how to upload slovak localization file llf for ldapadmin?
Hi, please send me the file and I will upload it. Thank you! Best regards, Tihomir
If Template file(UTF-8) has no BOM, that file is read as ascii. But BOM is not required at UTF-8. https://en.wikipedia.org/wiki/UTF-8#Byte_order_mark I request that it will work as UTF-8 whether it has BOM or not.
Hi I have LDAP Admin v1.8.2.0 installed on my Windows 10 system. I have created a connection in LDAP Admin with the information/credentials of my LDAP server (an OpenLDAP system running on SLES 12 SP3). In the 'Connection properties' dialog, if I specify 389 for the 'Port' and do not check the 'TLS' checkbox, LDAP Admin logs in to my LDAP server and displays the expected LDAP records/information. But if I change just two things (change Port from 389 to 636 and check the 'TLS' checkbox) and use this...
Hello, you cannot use TLS over the SSL port; it doesn't make sense either, as they are both doing essentially the same. Proper way to do it: With TLS on the standard LDAP port, with SSL on the ssl port (usually 636). So everything works as it should, don't worry. Best regards, Tihomir
No, you have to do this on your server. So it cannot be a setting of LdapAdmin :-)
Hi - thanks for the reply. Why isn't this a default setting in LDAP Admin? Also, sorry for the newbie question, but how do I do this in LDAP Admin? Thanks. tl
Thank you very much! Worked like a charm.
One observation when my tomcat service is running then i am unable to connect to ldap.forumsys.com data server. I could not figure out why this is so?
Hi, We have an existing Active Directory on Windows Server and now we want to add one LDAP server in our setup. How can we add it and how will the authentication work?
Great, thanks for the help.
Hello Kenneth, the syntax is standard LDAP query syntax. There's plenty of sources around, for instance: https://technet.microsoft.com/en-us/library/aa996205(v=exchg.65).aspx Best regards, Tihomir
That was my question, just realized I wasn't logged in. Now it looks like the text of my post got deleted. Original question: I can't find any documentation to explain what is the syntax to be used in Search > Custom > Filter. I found an example in the forums where this was used: (&(condition 1)(condition 2)) But the conditions used were very simple. I can't extrapolate from them. For example, how would I create a LIKE query, or an "equals" query with a wildcard in it? And can I use Greater Than...
Hello Tihomir, sorry, took me some time to get back to this issue but now it's one of my top priorities again. The server is my own which runs OpenLDAP so I have full control of the server. I attached all config files to this post. Hope it helps and thanks for looking at it! Michael
Lam installation
Entry move in 1.8 failed
Application hang on 'Go To' from search results
I would like all entry to display as DN=uid=xxx,dc=internet,dc=com
all of my old entry display as DN=uid=xxx,dc=internet,dc=com all of my new entry display as DN=CN=fistname, lastname,dc=internet,dc=com how may I correct this ? thank for your time.
Hello Tom, It seems so, as your user has restricted access and hence cannot open the certificate store to read from it.
LdapError
Hm, not sure you can, sorry. I can recheck this but I think not. Cheers, Tihomir
Hi I was being dumb and didn't correctly understand your 1st answer, I was trying to search via groups not via the memberUid. After I've reread your both posts I've got it working, thank you! Now is there a way to get rid of both those lines: " objectClass: posixGroup objectClass: sambaGroupMapping " from the export? At the moment each group is shown as this (xxx are actual names, changed for know reason): dn: cn=xxx,ou=Group,dc=xxx,dc=xxx objectClass: posixGroup objectClass: sambaGroupMapping Still...
Hello Tihomir, thanks, I have just filed Feature Request #56. Regards Tim
Hello Tjomme, did you try using @ prefix for literal paths and then escape the backslash? Cheers, Tihomir
Hi, in the latest version (1.8.3) we still have the same issue. Creating a user with a \ in the CN generates an error. As the CN is part of the DN, it's actually the DN that throws the error. Error shown: LDAP error! Invalid DN syntax: 00000057: LdapErr: DSID-0C090DEF, comment: Error processing name, data 0, v2580. Hope this helps, Tjomme
Hello, I have a problem connecting to OpenLDAP via SSL. When I try to connect to OpenLDAP, my LdapAdmin 1.8.3 shows this problem: "Error opening certificate system store UserDS: Access is denied!" My OS is Windows 10 Pro x64 EN. After accepting this message the connection is established. Can you help me with the removal of the problem? Thank you. Tom.
Hi, you have to have the schema file for the group included in your server schema configuration (depending on the group type you are trying to create; rfc2307bis for the default group type). Cheers, Tihomir
Hi - I am able to add users to my OpenLDAP server using LDAP Admin by using the Edit ... New ... User wizard. But when I try to create a new group using the Edit ... New ... Group wizard, I get the error: LDAP error! Object Class Violation: no structural object class provided Since I'm using the standard, out-of-the-box LDAP Admin, I expected that the 'Create Group' function used a working object class. What am I missing here? How can I create new groups in LDAP Admin? Thanks tl
Hi.. I have very limited knowledge on LDAP configuration on web server and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful. The server, I am working on is ldap server, which is running on Apache. After testing the program locally (i.e.ldap://localhost:10389/) the same was hosted on the web server (Linux Apache server). while running the same program via http://abc.net:2020/conn.php, it stopped at the...
Hi.. I have very limited knowledge on LDAP and its configuration and but I have been trying to figure out one issue that takes place when I am running the program that is written in php, but so far its unsuccessful. The server, I am working on is ldap server, which is running on Apache. After testing program locally (i.e. PHP (ldap://localhost:10389/) the same was hosted on the web server (Linux Apache server). while running the same program via PHP http://abc.net:2020/conn.php, it stopped at the...
Hi, Yes, as long as the CA is declared as trusted. You have to import the CA certificate in the Trusted Authorities store. Cheers, Tihomir
Hi Will LDAP Admin work with self-signed certificates? I imported a self-signed certificate into my Windows 7's 'Trusted Root Certification Authorities' store, but LDAP Admin still displays 'Issuer certificate not found'. Thanks tl