[CentOS] LDAP Authentication to Lotus Domino?
Craig White
craigwhite at azapple.com
Wed Jan 7 04:14:10 UTC 2009
On Tue, 2009-01-06 at 19:47 -0700, Charles Richards wrote:
> Has anybody done any authentication to Lotus Domino using LDAP?
>
> I selected LDAP options in the "authconfig-tui" application, per the
> documentation here:
>
> http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html
>
>
> when I try to query the directory for user information though, I get
> no results using the ldapsearch command
>
> [root@ldapclient ~]# ldapsearch -x uid=crichards
>
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 1
>
>
> I'm not quite sure what I'm missing, as I can manually query the
> directory for, say, a uid, with the "ldapsearch" command with options
> specified and it returns the correct info from the directory.
>
> [root@ldapclient ~]# ldapsearch -H ldap://domino.mydomain.com -W -D Charles\ Richards -x uid=crichards
>
> Enter LDAP Password: ****
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
>
> # Charles Richards, NewPush
> dn: CN=Charles Richards,O=MyDomain
> cn: Charles Richards
> mail: CRichards@mydomain.com
> displayname: Charles Richards/MyDomain
> messagestorage: 1
> encryptincomingmail: 0
> roaminguser: 0
>
> <snip> ...
>
>
> I have a feeling I'm missing something in my /etc/ldap.conf regarding
> how I'm binding to the directory (I've tried using my CN=Charles
> Richards for the binddn and rootbinddn to no avail...)
>
>
> Any tips or info are greatly appreciated!
----
I'm not sure that I'm going to be all that helpful here but...

> # search result
> search: 2
> result: 0 Success

actually means that 1 - You did successfully bind to LDAP and 2 - that LDAP gave you all the records that matched your filter.

Since you gave us, "dn: CN=Charles Richards,O=MyDomain"...

ldapsearch -x 'cn=Charles Richards'

would actually return that same record.

The tip/info that I would give you is to buy the book... LDAP System Administration by Gerald Carter, because that simplifies the whole LDAP/System authentication thing.

Craig
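
Added example, not part of the original messages: a small Python parser for ldapsearch LDIF output that separates "search succeeded but matched nothing" from "search returned entries", run over the two outputs quoted in the thread. The function names are hypothetical, and the trailer of the second sample (numResponses/numEntries) is constructed because the thread snips it.

```python
import base64
import re

# Constructed samples modelled on the two outputs quoted in the thread.
HEADER = ("# extended LDIF\n#\n# LDAPv3\n# base <> with scope subtree\n"
          "# filter: uid=crichards\n# requesting: ALL\n#\n\n")
ANON_OUTPUT = HEADER + "# search result\nsearch: 2\nresult: 0 Success\n\n# numResponses: 1\n"
BOUND_OUTPUT = HEADER + (
    "# Charles Richards, NewPush\ndn: CN=Charles Richards,O=MyDomain\n"
    "cn: Charles Richards\n\n# search result\nsearch: 2\nresult: 0 Success\n\n"
    "# numResponses: 2\n# numEntries: 1\n")


def summarize(output):
    """Extract search base, filter, result code and entry DNs from ldapsearch output."""
    # LDIF folds long lines; a continuation line starts with a single space.
    text = re.sub(r"\n ", "", output)
    info = {"base": None, "filter": None, "code": None, "text": None, "dns": []}
    for line in text.splitlines():
        if m := re.match(r"# base <(.*)> with scope (\w+)", line):
            info["base"] = m.group(1)
        elif m := re.match(r"# filter: (.*)", line):
            info["filter"] = m.group(1)
        elif m := re.match(r"result: (\d+) ?(.*)", line):
            info["code"], info["text"] = int(m.group(1)), m.group(2)
        elif line.startswith("dn:: "):  # "::" marks a base64-encoded value
            info["dns"].append(base64.b64decode(line[5:]).decode("utf-8"))
        elif line.startswith("dn: "):
            info["dns"].append(line[4:])
    return info


def diagnose(output):
    """One-line verdict: error, success with zero entries, or the DNs returned."""
    s = summarize(output)
    if s["code"] is None:
        return "no search result line found"
    if s["code"] != 0:
        return f"server returned error {s['code']} ({s['text']})"
    if not s["dns"]:
        return f"success, 0 entries for filter {s['filter']!r} under base <{s['base']}>"
    return f"success, {len(s['dns'])} entries: " + "; ".join(s["dns"])


if __name__ == "__main__":
    print(diagnose(ANON_OUTPUT))
    print(diagnose(BOUND_OUTPUT))
```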