Re: Proxy object in ADAM
- From: "Lee Flight" <lef@xxxxxxxxxxxxxxx>
- Date: Mon, 18 Apr 2005 17:03:32 +0100
Hi
are you using a secure channel for the proxy bind? ADAM requires
this by default for bindProxies? See p.55 of the ADAM Reviewer's
Guide in the docs folder of directory where you unpacked ADAM.
If that's not the issue please post the extended error message from the
results pane of the ldp.exe bind attempt. Also check the security event
logs on the ADAM server and the domain DCs. To check that the domain
account is OK you could try binding the ADAM instance using ldp.exe
and specify a secure bind using the domain account.
Lee Flight
"Chang" <mchang92612@xxxxxxxxx> wrote in message
news:OVjfh2CRFHA.3704@xxxxxxxxxxxxxxxxxxxxxxx
> This is my own LDAP test program. I use this test program to bind as
> regular ADAM users and it works fine. Then I tried to test proxy user
> object.
>
> Yes, I did simple bind to my proxy user object using the full DN of the
> proxy user in my ADAM instance with the password of the proxied object on
> my
> Windows domain. According to the documentation: When a user attempts to
> bind to a proxy object, ADAM takes the SID that is stored in the proxy
> object, together with the password that is supplied at bind time, and
> presents the SID and the password to Active Diectory for authentication.
>
> How can I tell where the bind error came from - ADAM or AD? Do I need to
> do
> anything to allow SID/password bind to the AD?
>
> BTW, I also tried ldp program and also got the same error.
>
> Thanks.
>
>
> "Lee Flight" <lef@xxxxxxxxxxxxxxx> wrote in message
> news:Pine.LNX.4.44.0504160334060.10193-100000@xxxxxxxxxxxxxxxxxx
>>
>> Hi
>> you do not say what application you are using to test the simple bind.
>> In the simple bind did you specify the full distinguished name of the
>> userproxy in the ADAM instance in the bind credentials?
>>
>>
>> Lee Flight
>>
>> On Fri, 15 Apr 2005, Chang wrote:
>>
>> >
>> > I have a Windows 2003 (SP1) ADAM server. This server joins a Windows
> 2000
>> > (SP4) domain.
>> >
>> > I imported the ms-userproxy.ldf file while I installed my ADAM
>> > instance.
> I
>> > created a user by selecting "userProxy" class and enter a SID of a
> Windows
>> > user - I copied the SID value (0x01 0x05 ...) from my ADSI editor of my
>> > Windows AD to the create user dialog.
>> >
>> > Then I tried a LDAP simple bind to this proxy object with the Windows
> user's
>> > password. I expect the bind would be redirected to AD. But I always
> got
>> > error 49 [Invalid Credentials]. Is there anything missing in my setup?
>> >
>> > BTW, I tried to search if there are discussions of proxy object in this
> news
>> > group. But even I tried to search all messages after 1/1/2004 I can
> only
>> > get messages sent in the last few days. How do I fix this problem?
>> >
>> > Thanks in advance!!
>> >
>> >
>> >
>>
>
>
.
- Follow-Ups:
- Re: Proxy object in ADAM
- From: Chang
- Re: Proxy object in ADAM
- References:
- Proxy object in ADAM
- From: Chang
- Re: Proxy object in ADAM
- From: Lee Flight
- Re: Proxy object in ADAM
- From: Chang
- Proxy object in ADAM
- Prev by Date: Re: Replication Notification.
- Next by Date: Re: Unable to rename local administrator account on windows 2003 s
- Previous by thread: Re: Proxy object in ADAM
- Next by thread: Re: Proxy object in ADAM
- Index(es):
Relevant Pages
|
