We have an application that is using an Apache server to do LDAP authentications against our active directory. (Yeah, I know; if only I were king! LOL!) The application developer tells me that if he tries doing an auth against our root base (dc=yyy,dc=zzz), the auth fails. If he uses a search base of "ou=xxx,dc=yyy,dc=zzz", the auth works. The user account that is being tested is some OU levels below this. He is coding a subtree scope and he is filtering on (objectclass=user and objectcategory=person).
It's like Apache needs to start at an OU structure. I couldn't find much on Google about this other than someone else was having the same issue last Fall and just gave up in frustration. The Apache documentation I could find seemed to indicate that a search of "dc=yyy,dc=zzz" SHOULD work. Any thoughts/pointers are appreciated! Thanks! Mike Thommes