Can't make updates with LDAP from Linux box to Windows AD
Posted
by
amburnside
on Server Fault
See other posts from Server Fault
or by amburnside
Published on 2012-12-20T09:23:17Z
Indexed on
2012/12/20
11:04 UTC
Read the original article
Hit count: 350
I have a webapp (built using Zend Framework - PHP) that runs on a Linux environment which needs to authenticate against Active Directory on a Windows server.
So far my webapp can authenticate with LDAPS, but cannot perform any kind of write operation (add/update/delete). It can only read.
I have configured my server as follows:
- I have exported the CA Certificate from my Windows AD server to /etc/opendldap/certs
- I have created a pem file based on this certificate using openssl
I have update /etc/openldap/ldap.conf so that it knows where to look for the pem certificate:
TLS_CACERT /etc/openldap/certs/xyz.internal.pem
When I run my script, I get the following error:
0x35 (Server is unwilling to perform; 0000209A: SvcErr: DSID-031A1021, problem 5003 (WILL_NOT_PERFORM), data 0 ):
Have I missed something with my configuration, which is causing the server to reject making updates to AD?
© Server Fault or respective owner