On Tue, 2009-01-06 at 19:47 -0700, Charles Richards wrote:
Has anybody done any authentication to Lotus Domino using LDAP?
I selected LDAP options in the "authconfig-tui" application, per the documentation here:
http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html
When I try to query the directory for user information, though, I get no results using the ldapsearch command:
[root@ldapclient ~]# ldapsearch -x uid=crichards
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: uid=crichards
# requesting: ALL
#
# search result
search: 2
result: 0 Success
# numResponses: 1
I'm not quite sure what I'm missing, as I can manually query the directory for, say, a uid, with the "ldapsearch" command with options specified and it returns the correct info from the directory.
[root@ldapclient ~]# ldapsearch -H ldap://domino.mydomain.com -W -D Charles\ Richards -x uid=crichards
Enter LDAP Password: ****
# extended LDIF
#
# LDAPv3
# base <> with scope subtree
# filter: uid=crichards
# requesting: ALL
#
# Charles Richards, NewPush
dn: CN=Charles Richards,O=MyDomain
cn: Charles Richards
mail: CRichards@mydomain.com
displayname: Charles Richards/MyDomain
messagestorage: 1
encryptincomingmail: 0
roaminguser: 0
<snip> ...
I have a feeling I'm missing something in my /etc/ldap.conf regarding how I'm binding to the directory (I've tried using my CN=Charles Richards for the binddn and rootbinddn to no avail...)
Any tips or info are greatly appreciated!
----
I'm not sure that I'm going to be all that helpful here but...
# search result
search: 2
result: 0 Success
actually means that 1 - You did successfully bind to LDAP and 2 - that LDAP gave you all the records that matched your filter.
Since you gave us "dn: CN=Charles Richards,O=MyDomain"...
ldapsearch -x 'cn=Charles Richards'
would actually return that same record.
The tip/info that I would give you is to buy the book... LDAP System Administration by Gerald Carter, because that simplifies the whole LDAP/system authentication thing.
Craig
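
The distinction drawn in the reply above, between a search that succeeds and a search that returns entries, can be checked mechanically. This is an added example, not part of the original thread: the function name `classify_ldapsearch` and the sample outputs are constructed for illustration, modelled on the output quoted in the messages.

```shell
#!/bin/sh
# Added example: sample outputs below are constructed, not captured from a server.

# Read ldapsearch LDIF output on stdin and print one of:
#   entries:<n>   result 0 and n entries returned
#   empty         result 0 (Success) but zero entries matched
#   error:<code>  the server returned a non-zero result code
#   noresult      no "result:" line was present
classify_ldapsearch() {
    awk '
        /^dn::? /   { entries++ }              # one dn: line per returned entry
        /^result: / { code = $2 + 0; seen = 1 }
        END {
            if (!seen)            print "noresult"
            else if (code != 0)   print "error:" code
            else if (entries > 0) print "entries:" entries
            else                  print "empty"
        }'
}

sample_default_search() {   # shape of the first search in the thread
    cat <<'EOF'
# search result
search: 2
result: 0 Success

# numResponses: 1
EOF
}

sample_explicit_search() {  # shape of the search with -H and -D given
    cat <<'EOF'
# Charles Richards, NewPush
dn: CN=Charles Richards,O=MyDomain
cn: Charles Richards

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
EOF
}

sample_bad_base() {         # constructed: a non-zero result code
    printf 'search: 2\nresult: 32 No such object\n'
}

for s in sample_default_search sample_explicit_search sample_bad_base; do
    printf '%s -> %s\n' "$s" "$("$s" | classify_ldapsearch)"
done
```

Piping real `ldapsearch` output into the function separates "the query ran and matched nothing" from an error result, which is the difference between the two searches in the original message.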