How to troubleshoot LDAP authentication issues using ldp.exe
Wondering how you can test LDAP authentication? No problem, ldp.exe to the rescue! This tool lets you test a bind directly against the LDAP server, which is useful during troubleshooting. There are two ways to do this:
- ldp.exe, which is included in Windows Server
- the ldapsearch utility, which can be installed on Linux
In this blog post, we will talk about ldp.exe.
- At the command prompt, type ldp.exe.
- In the connect dialog box, enter the LDAP server IP address and port.
- Then, under bind type, select bind with credentials.
A successful bind would look like this:
0 = ldap_set_option(ld, LDAP_OPT_ENCRYPT, 1)
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, NEGOTIATE (1158)); // v.3
{NtAuthIdentity: User='bgleeson'; Pwd=<unavailable>; domain = 'contoso.com'}
Authenticated as: 'CONTOSO\bgleeson'.
An unsuccessful bind would look like this:
0 = ldap_set_option(ld, LDAP_OPT_ENCRYPT, 1)
res = ldap_bind_s(ld, NULL, &NtAuthIdentity, NEGOTIATE (1158)); // v.3
{NtAuthIdentity: User='bgleeson'; Pwd=<unavailable>; domain = 'contoso.com'}
Error <49>: ldap_bind_s() failed: Invalid Credentials.
Server error: 8009030C: LdapErr: DSID-0C0904D0, comment: AcceptSecurityContext error, data 52e, v1db0
Error 0x8009030C The logon attempt failed
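The `data 52e` field in the server error above is the Active Directory sub-code that says why the bind was rejected. The Python parser below is an added example, not part of the original post or of ldp.exe. The name `parse_bind_failure` and the sub-code table are assumptions of this example; the table lists commonly documented values, which are Win32 error numbers written in hex.

```python
import re

# Commonly documented AD "data" sub-codes (Win32 error numbers in hex).
AD_SUBCODES = {
    0x525: "user not found",
    0x52E: "invalid credentials (wrong user name or password)",
    0x530: "logon not permitted at this time",
    0x531: "logon not permitted from this workstation",
    0x532: "password expired",
    0x533: "account disabled",
    0x701: "account expired",
    0x773: "user must change password at next logon",
    0x775: "account locked out",
}

# Matches the "Server error:" line that ldp.exe prints on a failed bind.
SERVER_ERROR = re.compile(
    r"(?P<sspi>[0-9A-Fa-f]{8}): LdapErr: (?P<dsid>DSID-[0-9A-Fa-f]+), "
    r"comment: (?P<comment>.*?), data (?P<data>[0-9A-Fa-f]+), v(?P<ver>[0-9A-Fa-f]+)"
)
RESULT_CODE = re.compile(r"Error <(?P<code>\d+)>")

def parse_bind_failure(text):
    """Return the fields of a failed-bind transcript, or None if it has no server error."""
    m = SERVER_ERROR.search(text)
    if m is None:
        return None
    data = int(m.group("data"), 16)  # the data field is hexadecimal
    rc = RESULT_CODE.search(text)
    return {
        "ldap_result": int(rc.group("code")) if rc else None,
        "sspi_status": m.group("sspi").upper(),
        "dsid": m.group("dsid"),
        "comment": m.group("comment"),
        "win32_error": data,
        "meaning": AD_SUBCODES.get(data, "unknown sub-code; look up the Win32 error number"),
    }

# The failed bind from this post, plus a constructed variant with another data code.
PAGE_SAMPLE = """Error <49>: ldap_bind_s() failed: Invalid Credentials.
Server error: 8009030C: LdapErr: DSID-0C0904D0, comment: AcceptSecurityContext error, data 52e, v1db0"""
CONSTRUCTED_LOCKED = PAGE_SAMPLE.replace("data 52e", "data 775")

if __name__ == "__main__":
    for sample in (PAGE_SAMPLE, CONSTRUCTED_LOCKED):
        r = parse_bind_failure(sample)
        print(f"LDAP result {r['ldap_result']}, Win32 {r['win32_error']}: {r['meaning']}")
```

LDAP result 49 alone only says the bind was refused; the sub-code separates a wrong password from a locked, disabled or expired account, which changes what you fix.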
That’s all for this blog post! I hope that you learned something new! ☺️