Hello folks,

I need only centralized authentication via M$ AD, and I am trying to configure nss-ldap on my Debian box, but syslog always shows these messages:

Code:
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server...
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:01 debox nscd: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: failed to bind to LDAP server ldap://192.168.0.5/: Invalid credentials
Jul 18 15:58:02 debox nscd: nss_ldap: could not search LDAP server - Server is unavailable
Jul 18 15:58:02 debox sshd[16767]: Invalid user boqor from x.x.x.x

But I can get answers from the ldapsearch command:

Code:
ldapsearch -x -W -D "cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld"|grep sAMAccountName
Enter LDAP Password:
sAMAccountName: Administrator
sAMAccountName: Guest
sAMAccountName: boqor
.
.
.
My config files:

ldap.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
scope sub
ssl no

libnss-ldap.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
ldap_version 3
rootbinddn cn=Administrator,cn=User,dc=ad,dc=domain,dc=tld

libnss-ldap.secret
Code:
pazzword

nsswitch.conf
Code:
passwd: compat ldap
shadow: compat ldap
group: compat ldap
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis

nss-ldapd.conf
Code:
host 192.168.0.5
BASE dc=ad,dc=domain,dc=tld
URI ldap://192.168.0.5/
binddn cn=Administrator,cn=Users,dc=ad,dc=domain,dc=tld
bindpw pazzword
scope sub
timelimit 30

Can anybody help me? How can I debug nss-ldap? M$ logs are not readable or helpful.

Was there ever a solution to this issue? I face the same thing. I have tried seemingly a hundred different things, and it always comes back to this error:

nss_ldap: failed to bind to LDAP server ldap://x.x.x.x: Invalid credentials

The Domain Controller has an event log saying that srv_ldap attempted a type of login for which it is not permitted (interactive). However, srv_ldap does have the right to log on interactively, as specified in Group Policy.

I'm going insane. Thanks for any help.