We are building a new Infor10 environment. LSF is installed as is Lawson for Infor Ming.le. It's version 10.0.9 with all current patches. This server will be a target for an upgrade from LSF 9.0.1.13.
All smoke tests for LSF pass and the system seems to behave exactly as expected. Now I am trying to perform an ldapbind using the same bind information as was used on the LSF9 server. I haven't run ldapbind before, so I'm not 100% sure what to expect, but I've browsed thru Guru posts and it looks like you enter the command and answer prompts as they come up. I confirmed that with a consultant who just finished using the exact same version of ldapbind for another client, which worked fine.
After I enter $GENDIR/bin/ldapbind, it immediately responds, "bind successful". No prompts, nothing. There are no entries in any $LAWDIR/system/*log, no messages anywhere that I see, just "bind successful". I verified in ssoconfig that it made no changes, so it's just not doing anything. I've tried running it as lawson and as root, with lawsec on and lawsec off, but get the same result. I've also tried using the optional parameters like so (192.168.x.x is the client's ldap to which I'm trying to bind):
ldapbind -D CN=serviceacct,CN=Users,DC=client,DC=ORG -h 192.168.x.x -p 3268 -q
With this format, at least it tries to do something, but we get this response even after entering what I believe is the correct password:
Please enter bind password: ldap_bind: Invalid credentials ldap_bind: additional info: 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 52e, v2580
Any help would be appreciated. I have a support case open with Infor but it's been slow going getting responses, and I'm half expecting to hear that they don't provide support for this tool anyway.
Yes, I have set the environment before running the command. And lawson is the user that's used to go into ssoconfig, so it seems like that's the right user to run ldapbind with. Something is making it think it's done before it does anything at all - I just don't know what that could be.
After you enter ldapbind in the command line and hit Enter key
...what happens next? Does it ask you this question: "Please enter the password used for Lawson security utilites:"
If it does, what do you type in? The password it's asking for is the same password used for ssoconfig.
Then there is a problem with the ldapbind or your system.
Was your system's ldapbind ever working previously?
It should ask for the password right away. It should not immediately say "bind successful".
I've never seen or heard of the ldapbind NOT asking for the password right away.
Because think about it, if you don't enter in a password, then anyone could type in and use whatever server/parameters in the ldapbind.
I would check your lase logs in LAWDIR/system. Maybe there is some clue there.
Good to hear you all fixed it.