On Tue, 6 Apr 2010 14:07:06 -0500, Mark Hammack <mark.hamm...@gmail.com> wrote:
>I am attempting to write an LDAP client on z/OS that will bind to AD running >on Windows 2003 Server using the C API. The ldap_init() returns 0 and seems >to connect OK (the only problem I have with this is that I tried an invalid >server name and still got a return code 0). When I issue the >ldap_sasl_bind()/ldap_request(), I get an error back indicating that the >user is not defined (return code 49, data 525 error). For the DN string >("who" parameter), I have tried "cn=user.name,o=company,c=US", >"uid=user.name", etc. (everything I can think of anyway) in both codepage >1047 and 1252 all with the same results. BTW, when I use the invalid LDAP >server name, I get a completely different error so apparently, the >connection is fine. In order to bind, you have to have a valid dn ("who"). To get a valid dn, you search() on something unique like "mail=user.n...@company.com". Then you bind using the returned DN. Bind() will not do an implicit search(). The set of attributes that constitute a dn are defined by the schema (I can't figure out what to search in the schema to find it, though). cn=my name,ou=place,o=company,c=us is common, but there are others. Talk to the LDAP owner. Alan Altmark z/VM Development IBM ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html