I am trying to connect to some independent LDAP repositories (ADAM - Active Directory Application Mode) using a specific set of credentials for binding, but I have not been able to work out a good way to do this. Here is an example that I hoped would work:
```powershell
$ldapHost = New-Object System.DirectoryServices.DirectoryEntry("LDAP://{serverip}:{port}/dc=acme,dc=com","cn=myuser,dc=acme,dc=com","myPassw0rd")
$ldapQuery = New-Object System.DirectoryServices.DirectorySearcher
$ldapQuery.SearchRoot = $ldapHost
$ldapQuery.Filter = "(objectclass=*)"
$ldapQuery.SearchScope = "Base"
$ldapQuery.FindAll()
```
This gives me:
```
Exception calling "FindAll" with "0" argument(s): "A local error has occurred. "
At line:1 char:19
+ $ldapQuery.FindAll <<<< ()
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : DotNetMethodException
```
I also tried:
```powershell
$ldapHost = New-Object System.DirectoryServices.DirectoryEntry("LDAP://{myip}:{port}/dc=acme,dc=com")
$ldapHost.Username = "cn=myuser,dc=acme,dc=com"
```
which leads to:
```
The following exception occurred while retrieving member "Username": "The specified directory service attribute or value does not exist. "
At line:1 char:11
+ $ldapHost. <<<< Username = "cn=myuser,DC=acme,dc=com"
    + CategoryInfo          : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyAssignmentException
```
I tried several options with a filter, etc. Most of the documentation that I can find on this suggests that I am connecting to LDAP from the same directory / I am connecting to the correct user for the request.
If you are familiar with the Python ldap module, here is how I do it:
```python
import ldap

ld = ldap.initialize("ldap://{myip}:{port}")
ld.bind_s("cn=myuser,dc=acme,dc=com","Passw0rd")
ld.search_s("dc=acme,dc=com",ldap.SCOPE_BASE,"objectclass=*")
```
Any pointers on how to approach this? I can definitely connect through various LDAP clients. I may need to explicitly specify authentication, but I'm not sure, because there is no information about requests from outside the domain.
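One way to get the bind described in the question to work, as an added example that is not part of the original post: the three-argument `DirectoryEntry` constructor defaults to `AuthenticationTypes.Secure` (a negotiated Windows bind), whereas the Python `bind_s` call performs an LDAP simple bind, so the sketch below passes the authentication type explicitly. The function name, host name and port are hypothetical placeholders, and the `-UseSsl` path assumes the instance has an LDAPS port configured.

```powershell
# Added example (not from the original post): LDAP simple bind to an ADAM
# instance with an explicit bind DN, then a base-scope read of the naming context.
function Get-LdapBaseObject {
    param(
        [Parameter(Mandatory = $true)][string]$Server,
        [Parameter(Mandatory = $true)][int]$Port,
        [Parameter(Mandatory = $true)][string]$BaseDn,
        # UserName must hold the bind DN, e.g. cn=myuser,dc=acme,dc=com
        [Parameter(Mandatory = $true)]
        [System.Management.Automation.PSCredential]$Credential,
        [switch]$UseSsl
    )

    # None => simple bind when a user name and password are supplied.
    $authType = [System.DirectoryServices.AuthenticationTypes]::None
    if ($UseSsl) {
        # Simple bind inside TLS; $Port must be the instance's LDAPS port.
        $authType = [System.DirectoryServices.AuthenticationTypes]::SecureSocketsLayer
    } else {
        Write-Warning "Simple bind without SSL sends the bind DN and password in cleartext."
    }

    $entry = New-Object System.DirectoryServices.DirectoryEntry -ArgumentList @(
        "LDAP://${Server}:${Port}/$BaseDn",
        $Credential.UserName,
        $Credential.GetNetworkCredential().Password,
        $authType)
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($entry)
    try {
        $searcher.Filter = "(objectClass=*)"
        $searcher.SearchScope = [System.DirectoryServices.SearchScope]::Base
        # The bind happens here; a wrong DN or password surfaces as an exception.
        $searcher.FindOne()
    } finally {
        $searcher.Dispose()
        $entry.Dispose()
    }
}

# Usage with constructed placeholder values; the password is prompted for
# rather than written into the script:
# $pw   = Read-Host -AsSecureString "Bind password"
# $cred = New-Object System.Management.Automation.PSCredential("cn=myuser,dc=acme,dc=com", $pw)
# Get-LdapBaseObject -Server "adam.example.test" -Port 636 -BaseDn "dc=acme,dc=com" -Credential $cred -UseSsl
```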