[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

I'm trying to connect to Novell eDirectory using LDAP Browser

Posted on 2004-11-22
15
Medium Priority
?
2,772 Views
Last Modified: 2012-05-05
I can't connect to my Novell eDirectory with LDAP Browser.  Although I can connect using ConsoleOne.

I believe I have used the correct host name, and tried every variation including Localhost, 127.0.01.1 and even tried setting up a DNS record to forward ldap request to the correct host.

I'm having miserable time connecting to my NDS using ldapbrowser.

Someone please help.
0
Comment
Question by:gmahler5th
  • 6
  • 6
  • 2
  • +1
15 Comments
 
LVL 34

Expert Comment

by:PsiCop
ID: 12651287
This Question was perhaps best-asked in the NetWare TA (http://www.experts-exchange.com/Networking/Netware/); even though eDirectory is platform-independent, most of the eDirectory-savvy folx hang out there.

Of course, I'm not sure what any of us can do for you, since you haven't bothered to mention minor little details like the VERSION of eDirectory you're using, or what platform its running on, or what version/patch/SP/whatever you have of that platform, or anything else about your environment that would help an Expert arrive at a solution for you.
0
 

Author Comment

by:gmahler5th
ID: 12651328
I didn't know the appropriate forum to post this.  Hopefully the moderator will place my question there.

Believe it or not, I've actually done this before, but it was more by accident.

I'm running Windows Server 2003, Novell eDirectory 8.7.  DNS is configured, although not sure it's configured correctly.

I'm trying to connect to the eDirectory with ldapbrowser.  
0
 
LVL 34

Expert Comment

by:PsiCop
ID: 12651378
OK, eDirectory v8.7... is that v8.7.2 or v8.7.3? Any SPs? The absolutely latest version for the Windoze platform is v8.7.3.3 - its available here --> http://support.novell.com/cgi-bin/search/searchtid.cgi?/2969860.htm

I'm not terribly familiar with eDir on Windoze - I'll see if I can get some other eDir Experts headed over here. Prolly take awhile to get a Mod to move the Question.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:gmahler5th
ID: 12651418
Yes, 8.7.3

I just disabled DNS server, as I'm told that isn't required.

Here is my connection string.

http://www.stevetout.com/connection.jpg

Is the host the machine hostname, or the eDir server name?

When specifying the userDN, should I use commas or periods?
0
 

Author Comment

by:gmahler5th
ID: 12651873
I tried doing an nslookup on my machine's name "kirkland" and it didn't resolve correctly... Something is really messed up.

http://www.stevetout.com/nslookup-kirkland.jpg

0
 
LVL 3

Assisted Solution

by:hendrixl
hendrixl earned 600 total points
ID: 12652113
>> I just disabled DNS server, as I'm told that isn't required

You stated you disabled the DNS server, yet in your initial screenshot you are using a host name, not an IP address, to connect.  Was this the only DNS server you had running in your environment?  Are you using host names to connect?  If so, you must have a DNS server available and configured to answer those requests, or use IP addresses for your testing.
 
0
 
LVL 3

Expert Comment

by:hendrixl
ID: 12652185
Do you get an error message during the failure?
0
 
LVL 35

Accepted Solution

by:
ShineOn earned 1400 total points
ID: 12655811
How is your LDAP server object and LDAP group object configured?  Can you post some screen shots?  

In particular, do you have TLS turned on for all connections on the SSL/TLS tab of the LDAP server object, or require TLS for simple binds with password on the group object?  If so, you need to use the secure port, 636; you also need to have a certificate assigned.

How about the Win2K3 server itself - is it an AD member or controller server?  If so, Win2K3/AD's implementation of LDAP (weak as it is) could be interfering with your LDAP access to eDirectory.
0
 

Author Comment

by:gmahler5th
ID: 12657602
I was able to bind anonymously on port 389.

I disabled TLS for the server and group objects.

My Win2K3 server is not an AD member.  It is a stand alone server.  AD is not enabled on this server.  I'm running this server on a laptop with the sole purpose of testing some applications that run against NDS.

With all that said, I still cannot bind as an admin user in ldapbrowser.  Strange, that I can bind anonymously, but not as a user.

Thoughts anyone?
0
 
LVL 3

Expert Comment

by:hendrixl
ID: 12657726
Are you using commas in your DN name?

Here is a link to follow to test LDAP authentication.

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10075010.htm
0
 
LVL 3

Expert Comment

by:hendrixl
ID: 12657773
Here is another that will allow you to troubleshoot the connection failure using DSTrace.

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080854.htm

lh
0
 

Author Comment

by:gmahler5th
ID: 12657841
I was able to bind using the NDS admin user.  cn=Admin,ou=secure,o=admin

But I have since created other admin users in different branches, and I cannot bind when I specify one of those.

What do I have to change to allow other admin users to bind to the directory?
0
 
LVL 3

Assisted Solution

by:hendrixl
hendrixl earned 600 total points
ID: 12658119
Were you able to follow the instructions in this link:  

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080854.htm

to gather a DSTrace log of the error?  This would be extremely helpful in troubleshooting your issue.

lh
0
 

Author Comment

by:gmahler5th
ID: 12658233
Thanks for reccommending doing the eDir Trace.  I saw right away a failed authentication, error -669.  I had to specify a simple password instead of NDS password.  Now it's working!

I will split up the points fairly.

Thanks everyone!
0
 
LVL 3

Expert Comment

by:hendrixl
ID: 12658377
Glad we were able to assist you.

lh
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
I have written articles previously comparing SARDU and YUMI.  I also included a couple of lines about Easy2boot (easy2boot.com).  I have now been using, and enjoying easy2boot as my sole multiboot utility for some years and realize that it deserves …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

872 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question