IBM Support

Resolving error when specifying LDAP binddn format for Windows AD

Question & Answer


Question

How do I resolve an invalid identifier error that occurs when specifying LDAP binddn format for Windows Active Directory?

Answer

In NPS Release 4.6.5 and Netezza 5.0 and later, you cannot enter any special characters in identifiers. 

For example, if you use the domain\user syntax for the binddn to your AD server, your set authentication command would look like the following:

SYSTEM(ADMIN)=> set authentication ldap base "DC=USERS,DC=GROUP,DC=LOCAL" server "my.ldap.server" port "389" version "3" scope "sub" ssl "off" attrname "sAMAccountName" binddn "netezza\svc_user" bindpw "password";
ERROR:  invalid identifier "netezza\svc_user" contains an invalid character (\,")


An invalid identifier error occurs because LDAP is expecting the binddn in the "cn=Manager,dc=Accounts,dc=company,dc=com" format.

The following example shows the simple workaround for using the domain\user syntax:

SYSTEM(ADMIN)=> set authentication ldap base "DC=USERS,DC=GROUP,DC=LOCAL" server "my.ldap.server" port "389" version "3" scope "sub" ssl "off" attrname "sAMAccountName" binddn 'netezza\svc_user' bindpw "password";
SET AUTHENTICATION



Enclosing the binddn value in single quotes rather than double quotes allows the set authentication command to run successfully.


Historical Number

NZ395915

Document Information

Modified date:
17 October 2019

UID

swg21569204