Ldapsearch, Ldapsearch 620 – Apple Mac OS X Server (version 10.2.3 or later) User Manual

620

Chapter 17

10

If the server has a shared NetInfo domain, enter the following command line in the Terminal
application to set the Authentication Manager password for root user account of the shared
domain, where the domain’s NetInfo tag is “network:”

sudo NeST -settimpassword network root <rootpassword> <rootpassword>

When typing this command line, substitute the root user’s actual password for
<rootpassword>.

If the NetInfo tag for the server’s shared domain is not “network,” enter the actual tag in
place of “network” in this command line.

You have now enabled Authentication Manager on the server and set up its root user with an
Authentication Manager password. From now on, each password change made to a user
account will generate an Authentication Manager password for the user, allowing the user
account to be used for authentication from a Windows or other SMB client.

ldapsearch

The UNIX tool ldapsearch connects to an LDAP server, binds to it, finds entries, and returns
attributes of the entries found. By default, the ldapsearch tool attempts to connect to an
LDAP server by using the Simple Authentication and Security Layer (SASL) method. If the
LDAP server does not support this method, you see the following error message:

ldap_sasl_interactive_bind_s: No such attribute (16)

The solution is to include the -x option (lowercase x) when you type the ldapsearch
command in a Terminal window. Here is an example:

ldapsearch -h 192.168.100.1 -b "dc=example,dc=com" -x

The -x option forces ldapsearch to use simple authentication instead of SASL.

LL0395.Book Page 620 Wednesday, November 20, 2002 11:44 AM