On Tue, 2009-01-06 at 19:47 -0700, Charles Richards wrote:
> Has anybody done any authentication to Lotus Domino using LDAP?
>
> I selected LDAP options in the "authconfig-tui" application, per the
> documentation here:
>
> http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html
>
>
> when I try to query the directory for user information though, I get
> no results using the ldapsearch command
>
> [root at ldapclient ~]# ldapsearch -x uid=crichards
>
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 0 Success
>
> # numResponses: 1
>
>
> I'm not quite sure what I'm missing, as I can manually query the
> directory for, say, a uid, with the "ldapsearch" command with options
> specified and it returns the correct info from the directory.
>
> [root at ldapclient ~]# ldapsearch -H ldap://domino.mydomain.com -W -D
> Charles\ Richards -x uid=crichards
>
> Enter LDAP Password: ****
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
>
> # Charles Richards, NewPush
> dn: CN=Charles Richards,O=MyDomain
> cn: Charles Richards
> mail: CRichards at mydomain.com
> displayname: Charles Richards/MyDomain
> messagestorage: 1
> encryptincomingmail: 0
> roaminguser: 0
>
> <snip> ...
>
>
> I have a feeling I'm missing something in my /etc/ldap.conf regarding
> how I'm binding to the directory (I've tried using my CN=Charles
> Richards for the binddn and rootbinddn to no avail...)
>
>
> Any tips or info are greatly appreciated!

----
I'm not sure that I'm going to be all that helpful here but...

> # search result
> search: 2
> result: 0 Success

actually means that
1 - You did successfully bind to LDAP and
2 - that LDAP gave you all the records that matched your filter.

since you gave us, "dn: CN=Charles Richards,O=MyDomain"...

ldapsearch -x 'cn=Charles Richards'

would actually return that same record

The tips/info that I would give you is buy the book...LDAP System
Administration by Gerald Carter because that simplifies the whole
LDAP/System authentication thing.

Craig
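
An added example, not part of the original thread: a small Python parser for the ldapsearch output quoted above, which separates the LDAP result code from the number of entries actually returned, so a "result: 0 Success" with no entries is not mistaken for a hit. The sample inputs are constructed from the two runs quoted in the message (the second is cut short, as it is there); the function names `summarize_ldapsearch` and `diagnose` are hypothetical.

```python
import re

# Constructed from the first (no -H/-D/-W) run quoted in the thread.
ANON_RUN = """\
# extended LDIF
# LDAPv3
# base <> with scope subtree
# filter: uid=crichards
# requesting: ALL

# search result
search: 2
result: 0 Success

# numResponses: 1
"""

# Constructed from the second (-H/-D/-W) run; trailer snipped as in the thread.
BOUND_RUN = """\
# base <> with scope subtree
# filter: uid=crichards

# Charles Richards, NewPush
dn: CN=Charles Richards,O=MyDomain
cn: Charles Richards
"""

def summarize_ldapsearch(output):
    """Pull search base, filter, result code and entry DNs out of ldapsearch text."""
    s = {"base": None, "filter": None, "result_code": None,
         "num_responses": None, "dns": []}
    for line in (raw.strip() for raw in output.splitlines()):
        if m := re.match(r"# base <(.*)> with scope \w+", line):
            s["base"] = m.group(1)              # "" means an empty search base
        elif m := re.match(r"# filter: (.*)", line):
            s["filter"] = m.group(1)
        elif m := re.match(r"result: (\d+)", line):
            s["result_code"] = int(m.group(1))  # 0 is the LDAP "success" code
        elif m := re.match(r"# numResponses: (\d+)", line):
            s["num_responses"] = int(m.group(1))
        elif m := re.match(r"dn::? ?(.*)", line):
            s["dns"].append(m.group(1))         # one dn line per returned entry
    return s

def diagnose(s):
    """Classify a summary: entries found, clean search with no match, or error."""
    if s["dns"]:
        return "entries-returned"
    if s["result_code"] == 0:
        return "success-no-entries"
    return "no-result-line" if s["result_code"] is None else "server-error"
```
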