Loading ...
Sorry, an error occurred while loading the content.

Re: (RESOLVED) users from ldap (active directory)

Expand Messages
  • vadim korsak
    Instead of using AD Global Catalog (port 3268) can be used, this somehow helped. search_base must be empty resulting map file looks: server_host =
    Message 1 of 1 , Apr 1, 2011
    • 0 Attachment
      Instead of using AD Global Catalog (port 3268) can be used, this somehow helped.
      search_base must be empty

      resulting map file looks:

      server_host = 10.100.5.1:3268
      search_base =
      bind = yes
      bind_dn = CN=mailgw,OU=SYS,DC=XXXX,DC=lan
      bind_pw = password
      scope = sub
      result_attribute = mail
      result_format = %s OK
      query_filter = (&(objectClass=person)(mail=%s))
      version = 3


      On Thu, Mar 31, 2011 at 8:30 PM, Victor Duchovni <Victor.Duchovni@...> wrote:
      On Thu, Mar 31, 2011 at 08:26:17PM +0300, vadim korsak wrote:

      > result_format = %s OK
      > is OK, this is checked in other places
      >
      > >You need to use a search base that will not trigger a referral, or
      > >use the right LDAP server. Alternatively, the LDAP server may need
      > >to be configured to grant additional access to your "mailgw" id.
      >
      > why you think this is access problem?

      Because you are getting a referral, it can be either because the search
      base is wrong, or in perhaps because access is retricted. Don't expect
      referrals to work, if the referral is to a different LDAP source or
      if referrals require application logic (are not handled transparently
      in the OpenLDAP library).

      --
             Viktor.

    Your message has been successfully submitted and would be delivered to recipients shortly.