LDAP-UX Client Services B.04.10 with Microsoft Windows Active Directory Server Administrator's Guide
./ldapsearch -h sys001.hp.com -b -D
"CN=proxyuser,CN=users,DC=cup,DC=hp,DC=com" -w passwd\
msSFUName=biljonz
You should get output like the following:
dn: CN=John R Bill
Jones,CN=Users,DC=cup,DC=hp,DC=com
accountExpires: 9223372036854775807
badPasswordTime: 0
badPwdCount: 0
codePage: 0
cn: John R Bill Jones
countryCode: 0
instanceType: 4
lastLogoff: 0
lastLogon: 0
logonCount: 0
distinguishedName: CN=John R Bill Jones,CN=Users,DC=cup,DC=hp,DC=com
objectCategory: CN=Person,CN=Schema,CN=Configuration,DC=cup,DC=hp,DC=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectGUID:: m0weqe/tykmLX1yw8Y/QZw==
objectSid:: AQUAAAAAAAUVAAAAEZm5eELHdFIVJa9HtgYAAA==
primaryGroupID: 513
pwdLastSet: 0
name: John R Bill Jones
sAMAccountName: biljonz
sAMAccountType: 805306368
userAccountControl: 546
uSNChanged: 15284
uSNCreated: 15283
whenChanged: 20001222132148.0Z
whenCreated: 20001222132148.0Z
gecos: John R Bill Jones,6394,DEV
gidNumber: 1771
loginShell: /bin/ksh
msSFUHomeDirectory: /tblv006/home/biljonz
msSFUName: biljonz
syncNisDomain: cup
uidNumber: 467
If you do not get this output, your proxy user may not be configured properly. Make sure
you have access permissions set correctly for the proxy user. Refer to “Creating a New Proxy
User” (page 123) for details on configuring the proxy user.
You can also try binding to the directory as the directory administrator and reading the
user's information.
• Enable PAM logging as described under “Enabling and Disabling PAM Logging” (page 129)
then try logging in again. Check the PAM logs for any unexpected events.
• Enable LDAP-UX logging as described in “Enabling and Disabling LDAP-UX Logging”
(page 128), then try logging in again. Check the log file for any unexpected events.
Troubleshooting 131