LDAP failure: No such object. (Code 32)

[RealGrimbi]

Hi all

I am getting the following error when running the script in debug mode: ldap_build_search_req ATTRS: sAMAccountName distinguishedName cn mail [error] LDAP failure: No such object. (Code 32)

What does this mean? I have tried multiple options (with userMatchAttribute and userMatchAttribute) and its always the same error. Username and bind dn is correct as I get a different error when I put in a wrong dn or password. Active Directory is used as LDAP Server.

Thanks for help. Grimbi

ldap: debug: true winCompatibilityMode: false

server:
    host:                            "DC IP"
    port:                             389
    version:                        3
    encryption:                  "none"

    bindDn:                        "CN=ldap,OU=Admins,DC=domain,DC=local"
    bindPassword:            "password"

queries:
    baseDn:                       "DC=domain,DC=local"

    userDn:                         "OU=Users,DC=domain,DC=local"
    userFilter:                     "(&(objectCategory=person)(objectClass=user))"
    userUniqueAttribute:            "sAMAccountName"
    userMatchAttribute:             "distinguishedName"
    userNameAttribute:              "cn"
    userEmailAttribute:             "mail"

    groupDn:                        "OU=Groups,DC=domain,DC=local"
    groupFilter:                    "(objectClass=group)"
    groupUniqueAttribute:           "cn"
    groupMemberAttribute:           "memberUid"

[RealGrimbi]

Found the issue: The userDn and groupDN field should not contain the baseDN again "DC=domain,DC=local"

So correct config would be:

userDn: "OU=Users" groupDn: "OU=Groups"

[Adambean]

Hi RealGrimbi,

Spot on, this tool concatenates your base DN to user & group DNs implicitly. Thanks for sharing your results. 👍