gmahler5th
asked on
I'm trying to connect to Novell eDirectory using LDAP Browser
I can't connect to my Novell eDirectory with LDAP Browser, although I can connect using ConsoleOne.
I believe I have used the correct host name, and tried every variation including Localhost, 127.0.01.1 and even tried setting up a DNS record to forward LDAP requests to the correct host.
I'm having a miserable time connecting to my NDS using ldapbrowser.
Someone please help.
ASKER
I didn't know the appropriate forum to post this. Hopefully the moderator will place my question there.
Believe it or not, I've actually done this before, but it was more by accident.
I'm running Windows Server 2003, Novell eDirectory 8.7. DNS is configured, although I'm not sure it's configured correctly.
I'm trying to connect to the eDirectory with ldapbrowser.
OK, eDirectory v8.7... is that v8.7.2 or v8.7.3? Any SPs? The absolutely latest version for the Windoze platform is v8.7.3.3 - it's available here --> http://support.novell.com/cgi-bin/search/searchtid.cgi?/2969860.htm
I'm not terribly familiar with eDir on Windoze - I'll see if I can get some other eDir Experts headed over here. Prolly take awhile to get a Mod to move the Question.
ASKER
Yes, 8.7.3
I just disabled DNS server, as I'm told that isn't required.
Here is my connection string.
http://www.stevetout.com/connection.jpg
Is the host the machine hostname, or the eDir server name?
When specifying the userDN, should I use commas or periods?
ASKER
I tried doing an nslookup on my machine's name "kirkland" and it didn't resolve correctly... Something is really messed up.
http://www.stevetout.com/nslookup-kirkland.jpg
Do you get an error message during the failure?
ASKER
I was able to bind anonymously on port 389.
I disabled TLS for the server and group objects.
My Win2K3 server is not an AD member. It is a standalone server. AD is not enabled on this server. I'm running this server on a laptop with the sole purpose of testing some applications that run against NDS.
With all that said, I still cannot bind as an admin user in ldapbrowser. Strange, that I can bind anonymously, but not as a user.
Thoughts anyone?
Are you using commas in your DN name?
Here is a link to follow to test LDAP authentication.
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10075010.htm
Here is another that will allow you to troubleshoot the connection failure using DSTrace.
http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080854.htm
lh
ASKER
I was able to bind using the NDS admin user. cn=Admin,ou=secure,o=admin
But I have since created other admin users in different branches, and I cannot bind when I specify one of those.
What do I have to change to allow other admin users to bind to the directory?
ASKER
Thanks for recommending doing the eDir Trace. I saw right away a failed authentication, error -669. I had to specify a simple password instead of NDS password. Now it's working!
I will split up the points fairly.
Thanks everyone!
Glad we were able to assist you.
lh
Of course, I'm not sure what any of us can do for you, since you haven't bothered to mention minor little details like the VERSION of eDirectory you're using, or what platform it's running on, or what version/patch/SP/whatever you have of that platform, or anything else about your environment that would help an Expert arrive at a solution for you.