I am using ldapsearch from OpenLDAP tools to search our corporate Active Directory for my email and phone number. This query is a test to ensure that I can authenticate against the domain so I can set up a linux wiki with NTLM authentication. My theory is that if I can successfully query the AD for information, then I am a step closer to getting my wiki to authenticate against AD (I have instructions to set up moin wiki under ActiveDirectory).

The problem is that I can't seem to get the ldapsearch query right. I have seen many tutorials on the net that indicate that -D should be something like -D "Americas\John_Marsharll"; however, I keep getting ldap_bind: Invalid credentials (49) error messages when I use Americas\John_Marshall. The only time I get sensical results is when I query with the parameters below. However, even then, I can't figure out how to get email and phone number.

[John_Marsharll@WN7-BG3YSM1 ~]$ ldapsearch -x -h 10.1.1.1 \
 -b "cn=Users,dc=Americas" mail telephonenumber -D "cn=John_Marshall,dc=Americas"
# extended LDIF
#
# LDAPv3
# base <cn=Users,dc=Americas> with scope subtree
# filter: (objectclass=*)
# requesting: mail telephonenumber -D cn=John_Marshall,dc=Americas 
#

# search result
search: 2
result: 32 No such object

# numResponses: 1
[John_Marshall@WN7-BG3YSM1 ~]$

Can someone give me pointers on what I'm doing wrong with the ldapsearch query above? Our AD ldap server is 10.1.1.1 and the AD domain is "Americas".