Re: AREA LDAP Unix to Windows
Is your OU - Test Users - within a sub-OU of your OU - USERS? Nick Havin' Fun in Sacramento. On Wed, 31 Jan 2007 11:10:47 -0500, Shane Fish <[EMAIL PROTECTED]> wrote: >All, > >I'm having an issue setting up AREA LDAP and hopefully someone can help. > >ARS Platform: (on a separate Sun Domain than the Windows Domains, have >setup domain names given in /etc/resolv.conf) >ARS 6.3 Patch 17 >Sun / Unix 5.9 (Solaris 9) >Oracle 10gR1 (9 Client) > >Windows Active Directory 2000 > >ARS Server Setup - Port 390695 for AREA - Cross Reference Blank Password >checked - Authenticate Unregistered Users checked - External Authentication >RPC set to 30. > >NSLookup sees the Domain Server ID'd in AREA LDAP form, Distinquished Name >account has admin permissions, User Base and sAMAccountName=$\User$ >information works using ldp.exe from my pc but when run configured in AREA >LDAP the error log produces this: > >arplugin.log info: > >39069 >5> /* Wed Jan 31 2007 10:53:42.7159 */ +VL >AREAVerifyLoginCallback - >- user etest >39069 >5> /* Wed Jan 31 2007 10:53:42.7160 */ >AREAVerifyLogi >nCallback >39069 >5> /* Wed Jan 31 2007 10:53:42.7160 */ ldap_init >("test. >mycompany.com", 389) >39069 >5> /* Wed Jan 31 2007 10:53:42.7161 */ connect >timeout > previously: -1 >39069 >5> /* Wed Jan 31 2007 10:53:42.7161 */ connect >timeout > used: 25000 >39069 >5> /* Wed Jan 31 2007 10:53:42.7162 */ >ldap_simple_bin >d("mycompany\testad", hidden) >39069 >5> /* Wed Jan 31 2007 10:53:42.7211 */ After the >bind >39069 >5> /* Wed Jan 31 2007 10:53:42.7212 */ >ldap_search_ext >("OU=Test Users,DC=mycompany,DC=com", 2, "sAMAccountName=$\User$") >39069 >5> /* Wed Jan 31 2007 10:53:42.7221 */ We do not >know t >he user >39069 >5> /* Wed Jan 31 2007 10:53:42.7221 */ >LicenseMask=0 L >icenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=0 Email= >LoginS >tatus=1 ModificationTime=0 >39069 >5> /* Wed Jan 31 2007 10:53:42.7221 */ >Groups= >39069 >5> /* Wed Jan 31 2007 10:53:42.7222 */ -VL >FAIL > > > >Example Ldp.exe query: > >***Searching... >ldap_search_s(ld, "OU=Test Users,DC=mycompany,DC=gcom", >2, "(sAMAccountName=tester)", attrList, 0, &msg) >Result <0>: (null) >Matched DNs: >Getting 1 entries: >>> Dn: CN=Tester\, Test,OU=Test Users,DC=mycompany,DC=com > >Thanks, Shane > >___ >UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" >= ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
Re: AREA LDAP Unix to Windows
Your problem is you have specified the wrong filter sAMAccountName=$\User$ should be sAMAccountName=$\USER$ There is no Remedy keyword of $User$, it is $USER$. You can see in your 8th line (the one above the "We do not know the user") it is not putting in the user's login name and just sending your filter exactly as it is entered. Fred -Original Message- From: Action Request System discussion list(ARSList) [mailto:[EMAIL PROTECTED] On Behalf Of Shane Fish Sent: Wednesday, January 31, 2007 10:11 AM To: arslist@ARSLIST.ORG Subject: AREA LDAP Unix to Windows All, I'm having an issue setting up AREA LDAP and hopefully someone can help. ARS Platform: (on a separate Sun Domain than the Windows Domains, have setup domain names given in /etc/resolv.conf) ARS 6.3 Patch 17 Sun / Unix 5.9 (Solaris 9) Oracle 10gR1 (9 Client) Windows Active Directory 2000 ARS Server Setup - Port 390695 for AREA - Cross Reference Blank Password checked - Authenticate Unregistered Users checked - External Authentication RPC set to 30. NSLookup sees the Domain Server ID'd in AREA LDAP form, Distinquished Name account has admin permissions, User Base and sAMAccountName=$\User$ information works using ldp.exe from my pc but when run configured in AREA LDAP the error log produces this: arplugin.log info: /* Wed Jan 31 2007 10:53:42.7159 */ +VL AREAVerifyLoginCallback - - user etest /* Wed Jan 31 2007 10:53:42.7160 */ AREAVerifyLogi nCallback /* Wed Jan 31 2007 10:53:42.7160 */ 5> ldap_init ("test. mycompany.com", 389) /* Wed Jan 31 2007 10:53:42.7161 */ connect timeout previously: -1 /* Wed Jan 31 2007 10:53:42.7161 */ connect timeout used: 25000 /* Wed Jan 31 2007 10:53:42.7162 */ ldap_simple_bin d("mycompany\testad", hidden) /* Wed Jan 31 2007 10:53:42.7211 */ After 5> the bind /* Wed Jan 31 2007 10:53:42.7212 */ ldap_search_ext ("OU=Test Users,DC=mycompany,DC=com", 2, "sAMAccountName=$\User$") /* Wed Jan 31 2007 10:53:42.7221 */ We do 5> not know t he user /* Wed Jan 31 2007 10:53:42.7221 */ LicenseMask=0 L icenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=0 Email= LoginS tatus=1 ModificationTime=0 /* Wed Jan 31 2007 10:53:42.7221 */ Groups= /* Wed Jan 31 2007 10:53:42.7222 */ -VL FAIL Example Ldp.exe query: ***Searching... ldap_search_s(ld, "OU=Test Users,DC=mycompany,DC=gcom", 2, "(sAMAccountName=tester)", attrList, 0, &msg) Result <0>: (null) Matched DNs: Getting 1 entries: >> Dn: CN=Tester\, Test,OU=Test Users,DC=mycompany,DC=com Thanks, Shane ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are" ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
AREA LDAP Unix to Windows
All, I'm having an issue setting up AREA LDAP and hopefully someone can help. ARS Platform: (on a separate Sun Domain than the Windows Domains, have setup domain names given in /etc/resolv.conf) ARS 6.3 Patch 17 Sun / Unix 5.9 (Solaris 9) Oracle 10gR1 (9 Client) Windows Active Directory 2000 ARS Server Setup - Port 390695 for AREA - Cross Reference Blank Password checked - Authenticate Unregistered Users checked - External Authentication RPC set to 30. NSLookup sees the Domain Server ID'd in AREA LDAP form, Distinquished Name account has admin permissions, User Base and sAMAccountName=$\User$ information works using ldp.exe from my pc but when run configured in AREA LDAP the error log produces this: arplugin.log info: /* Wed Jan 31 2007 10:53:42.7159 */ +VL AREAVerifyLoginCallback - - user etest /* Wed Jan 31 2007 10:53:42.7160 */ AREAVerifyLogi nCallback /* Wed Jan 31 2007 10:53:42.7160 */ ldap_init ("test. mycompany.com", 389) /* Wed Jan 31 2007 10:53:42.7161 */ connect timeout previously: -1 /* Wed Jan 31 2007 10:53:42.7161 */ connect timeout used: 25000 /* Wed Jan 31 2007 10:53:42.7162 */ ldap_simple_bin d("mycompany\testad", hidden) /* Wed Jan 31 2007 10:53:42.7211 */ After the bind /* Wed Jan 31 2007 10:53:42.7212 */ ldap_search_ext ("OU=Test Users,DC=mycompany,DC=com", 2, "sAMAccountName=$\User$") /* Wed Jan 31 2007 10:53:42.7221 */ We do not know t he user /* Wed Jan 31 2007 10:53:42.7221 */ LicenseMask=0 L icenseWrite=0 LicenseFTS=0 LicenseReserved1=0 Notification=0 Email= LoginS tatus=1 ModificationTime=0 /* Wed Jan 31 2007 10:53:42.7221 */ Groups= /* Wed Jan 31 2007 10:53:42.7222 */ -VL FAIL Example Ldp.exe query: ***Searching... ldap_search_s(ld, "OU=Test Users,DC=mycompany,DC=gcom", 2, "(sAMAccountName=tester)", attrList, 0, &msg) Result <0>: (null) Matched DNs: Getting 1 entries: >> Dn: CN=Tester\, Test,OU=Test Users,DC=mycompany,DC=com Thanks, Shane ___ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"