Unable to connect to LDAP, verify your credentials

[anasbousselham]

Hi, It's possible to used it without ldap flags.?! Thanks

[yellow-starburst]

yes it is possible to be used without ldap flags. Can you close the ticket now?

[anasbousselham]

I have this error without any flag!

[rvazarkar]

Are you running this through netonly? Do you have a proper domain authentication?

[x3rz]

I have this error without any flag!

Same issue for me without supplying any creds it is showing me that error

[gabemarshall]

@rvazarkar I'm also experiencing this. I'm running it through netonly and have proper domain auth (Powerview works fine, old versions of Invoke-Bloodhound work).

[lungdart]

Same situation here on the HTB forest machine.

When I checkout the old version of SharpHound from the bloodhound repo commit 6a95882e0e88c398f97f2a82a956eef5b3b10ae8, the identical command works (But then starts throwing stack traces later on)

I guess I'll keep going back into the commits until I can find a stable version...

[walterone]

still got the same issue, has anyone found a workaround yet?

[rvazarkar]

        ///     Tests the current LDAP config to ensure its valid by pulling a domain object
        /// </summary>
        /// <returns>True if connection was successful, else false</returns>
        public bool TestLDAPConfig(string domain)
        {
            var filter = new LDAPFilter();
            filter.AddDomains();

            var resDomain = GetDomain(domain)?.Name ?? domain;
            
            var result = QueryLDAP(filter.GetFilter(), SearchScope.Subtree, CommonProperties.ObjectID, resDomain)
                .DefaultIfEmpty(null).FirstOrDefault();

            return result != null;
        }

This is how we test for a valid LDAP connection: we query for domain objects and make sure we can get at least one. For whatever reason, that test is failing and we're getting nothing back. If you run with -v 0 it might give you some more insight as to where the check is failing, you can report back with that information

[walterone]

The verbose option only shows the TRACE info of the "TestConnection link" in the TestConnection() Function.

./sh.exe -v 0
2022-03-01T01:29:38.8844100-08:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, Session, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote
2022-03-01T01:29:38.9000386-08:00|TRACE|Entering initialize link
2022-03-01T01:29:38.9000386-08:00|INFORMATION|Initializing SharpHound at 1:29 AM on 3/1/2022
2022-03-01T01:29:38.9000386-08:00|TRACE|Entering TestConnection link
2022-03-01T01:29:39.0719120-08:00|ERROR|Unable to connect to LDAP, verify your credentials
2022-03-01T01:29:39.0719120-08:00|TRACE|Exiting TestConnection link

Using powershell AD functionality and/or powerview it's possible to retrive objects in the domain. Also it looks like that the issue is mainly related to the HTB Forest machine, i still have to try in other environments

[rvazarkar]

I beleive I know whats causing this, I'll have a new build soon

[YB1-cyber]

@rvazarkar I joined the "unable to connect to LDAP" club , and also a friend of mine... so if you can update here , it'll nice

BTW I wonder: A) Can you tell why the .ps1 collector had been removed ? B) Will SharpHound.ps1 support the new format (matching bloodhound 4.1+) when we get it back ?

[rvazarkar]

Should be fixed in v1.0.3. Reopen if the problem is still there

@YB1-cyber it was removed because I ran out of time when doing this release, and yes it will

[chinformer]

Hey, I can confirm this is still affecting v1.0.3. I've just compiled the -dev 1.0.3 version (x64) no other changes and when supplying --ldapusername and --ldappassword the error is:

2022-03-18T16:18:27.4755485+00:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote

2022-03-18T16:18:27.4876460+00:00|INFORMATION|Initializing sharpyhounds at 16:18 on 18/03/2022

2022-03-18T16:18:27.9424135+00:00|ERROR|Unable to connect to LDAP, verify your credentials

[n0kovo]

+1 Same issue with 1.0.3 (x64)

[chinformer]

@rvazarkar any update on the potential fix for this? I added the original comment on the 18th March 2022 :). Thank you

[rvazarkar]

Open a new issue, and use -v 0 to get verbose logging so I can see where the issue is happening

[ronemp]

Is this issue resolved?

[mc702]

C:>SharpHound.exe -c All -v 0 2022-08-15T13:22:29.7881493+08:00|INFORMATION|This version of SharpHound is compatible with the 4.2 Release of BloodHound 2022-08-15T13:22:29.8979655+08:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote 2022-08-15T13:22:29.9130347+08:00|TRACE|Entering initialize link 2022-08-15T13:22:29.9130347+08:00|INFORMATION|Initializing SharpHound at 1:22 PM on 8/15/2022 2022-08-15T13:22:29.9130347+08:00|TRACE|Entering TestConnection link 2022-08-15T13:22:48.4446266+08:00|TRACE|[CommonLib LDAPUtils]Creating ldap connection for DC with filter (objectclass=domain) 2022-08-15T13:22:48.4446266+08:00|DEBUG|[CommonLib LDAPUtils]Unable to create ldap connection for domain (null) 2022-08-15T13:22:48.4446266+08:00|TRACE|[CommonLib LDAPUtils]LDAP connection is null for filter (objectclass=domain) and domain (null) 2022-08-15T13:22:48.4446266+08:00|ERROR|Unable to connect to LDAP, verify your credentials 2022-08-15T13:22:48.4446266+08:00|TRACE|Exiting TestConnection link

same here

[Castle1984]

hmm，same issue |ERROR|Unable to connect to LDAP, verify your credentials

[asmar-shikhamirli]

Having the same issue here, has anyone got a solution?

[0nopnop]

@rvazarkar any update on the issue and whether the changes have been made? I commented a while back (in Apr)

[pkyria14]

Still having the same issue. any updates?

[Trailingslashes]

@pkyria14, I had to reboot the windows machine to get this command to work.

[ProjectsFromB]

Anyone have any luck or workarounds?

[BaronSam3di]

Hi im also getting this error. Specifically

*Evil-WinRM* PS C:\Users\FSmith\Documents> ./Sharphound.exe -c all, gpolocalgroup -v 0
2024-01-31T18:10:30.6811548-08:00|INFORMATION|This version of SharpHound is compatible with the 4.3.1 Release of BloodHound
2024-01-31T18:10:30.8217740-08:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote
2024-01-31T18:10:30.8373984-08:00|TRACE|Entering initialize link
2024-01-31T18:10:30.8373984-08:00|INFORMATION|Initializing SharpHound at 6:10 PM on 1/31/2024
2024-01-31T18:10:30.8373984-08:00|TRACE|Entering TestConnection link
2024-01-31T18:10:58.9768518-08:00|TRACE|[CommonLib LDAPUtils]Testing LDAP connection for domain (null)
2024-01-31T18:10:58.9768518-08:00|TRACE|[CommonLib LDAPUtils]Creating ldap connection for DC with filter (objectclass=domain)
2024-01-31T18:10:58.9768518-08:00|DEBUG|[CommonLib LDAPUtils]Unable to create ldap connection for domain (null)
2024-01-31T18:10:58.9768518-08:00|WARNING|[CommonLib LDAPUtils]LDAP connection is null for filter (objectclass=domain) and domain Default Domain
2024-01-31T18:10:58.9768518-08:00|TRACE|[CommonLib LDAPUtils]Result object from LDAP connection test is null
2024-01-31T18:10:58.9768518-08:00|ERROR|Unable to connect to LDAP, verify your credentials
2024-01-31T18:10:58.9768518-08:00|TRACE|Exiting TestConnection link
*Evil-WinRM* PS C:\Users\FSmith\Documents> 

Is this issue a dupe of something or should it be reopened if still unresolved 😌

[JonasBK]

Hi @BaronSam3di, Try the latest SharpHound version here: https://github.com/BloodHoundAD/SharpHound/releases/latest

[stuartw1]

I had this error message today. My target environment had 389 disabled and 636 open for LDAPS

I used the -SecureLDAP flag, but this didnt work and returned an "unable to connect to LDAP" error until I tried -DisableCertVerification and -DisableSigning, which made it work perfectly. Interestingly I had to provide domain, ldapusername and ldappassword too, with ldapusername set to [email protected] rather than INTERNAL\user.name

Perhaps the error message could be expanded - either to include if it is a connection security fault, or to suggest trying flags that drop security validation measures if appropriate. It would be good if the logs contained the port that was being tried also.

[vcap-kali]

people are asking for workarounds, and I still observe this on HTB Sauna and Forest as of today, WHY is this issue closed then @JonasBK ?!

still getting the "ERROR|Unable to connect to LDAP, verify your credentials"

.\SharpHound.exe --DisableCertVerification --DisableSigning --Domain EGOTISTICAL-BANK.LOCAL --ldapusername svc_loanmgr --ldappassword '...'

[superswan]

Same issue with SharpHound 2.3.3 and 1.1.1

PS C:\Users\vim\Downloads\sharphound-v2.3.3> .\SharpHound.exe --version
2024-04-07T18:57:38.3685762-07:00|INFORMATION|This version of SharpHound is compatible with the 5.0.0 Release of BloodHound
SharpHound 2.3.3
PS C:\Users\vim\Downloads\sharphound-v2.3.3> .\SharpHound.exe -c localadmin
2024-04-07T18:58:44.0134919-07:00|INFORMATION|This version of SharpHound is compatible with the 5.0.0 Release of BloodHound
2024-04-07T18:58:44.1537624-07:00|INFORMATION|Resolved Collection Methods: LocalAdmin
2024-04-07T18:58:44.1699613-07:00|INFORMATION|Initializing SharpHound at 6:58 PM on 4/7/2024
2024-04-07T18:58:57.9663013-07:00|WARNING|[CommonLib LDAPUtils]Failed to setup LDAP Query Filter: Error creating LDAP connection: GetDomain call failed for
2024-04-07T18:58:57.9663013-07:00|ERROR|Error running SharpHound: Failed to setup LDAP Query Filter
   at SharpHoundCommonLib.LDAPUtils.<QueryLDAP>d__40.MoveNext()
   at System.Linq.Enumerable.<DefaultIfEmptyIterator>d__93`1.MoveNext()
   at System.Linq.Enumerable.FirstOrDefault[TSource](IEnumerable`1 source)
   at SharpHoundCommonLib.LDAPUtils.TestLDAPConfig(String domain)
   at Sharphound.SharpLinks.TestConnection(IContext context) in D:\a\SharpHound\SharpHound\src\Sharphound.cs:line 148
   at Sharphound.Program.<>c__DisplayClass0_0.<<Main>b__1>d.MoveNext() in D:\a\SharpHound\SharpHound\src\Sharphound.cs:line 532
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at CommandLine.ParserResultExtensions.<WithParsedAsync>d__20`1.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at Sharphound.Program.<Main>d__0.MoveNext() in D:\a\SharpHound\SharpHound\src\Sharphound.cs:line 406

It appears to be a permissions issue, above output was ran as local admin user from console session. Runs fine as SYSTEM under remote shell.

[nga1hte]

people are asking for workarounds, and I still observe this on HTB Sauna and Forest as of today, WHY is this issue closed then @JonasBK ?!

still getting the "ERROR|Unable to connect to LDAP, verify your credentials"

.\SharpHound.exe --DisableCertVerification --DisableSigning --Domain EGOTISTICAL-BANK.LOCAL --ldapusername svc_loanmgr --ldappassword '...'

Resetting the machine works for me.