Using a policy and a directory binding I am trying to enable authenticated directory bindings to Open Directory servers. On a test Mac I receive the following errors:
Using SSL:
Error: The binding was not successful:
dsconfigldap verbose mode
Using suggested computer ID
Options selected by user:
Force authenticated (un)binding option selected
SSL was chosen
Add server option selected
Server name provided as
LDAP Configuration name provided as
Computer ID provided as
Network username provided as
No Local username determined
Adding new node to search policies
Please enter network user password:
Certificates will be automatically added to your system keychain in order to talk to this server.
Would you like to continue (y/n)?
Operation cancelled.
Not using SSL:
Error: The binding was not successful:
dsconfigldap verbose mode
Using suggested computer ID
Options selected by user:
Force authenticated (un)binding option selected
Add server option selected
Server name provided as
LDAP Configuration name provided as
Computer ID provided as
Network username provided as
No Local username determined
Adding new node to search policies
Please enter network user password:
Certificates are available for this server.
Would you like to add them to system keychain automatically (y/n)? Error: Authentication server refused operation because the current credentials are not authorized for the requested operation. (5101)
I can bind manually using Directory Utility with and without SSL.
In this case I am using a Mavericks client binding to a Yosemite server.
Any insight?