gmahler5th

I'm trying to connect to Novell eDirectory using LDAP Browser

I can't connect to my Novell eDirectory with LDAP Browser, although I can connect using ConsoleOne.

I believe I have used the correct host name, and I have tried every variation, including Localhost and 127.0.01.1, and even tried setting up a DNS record to forward LDAP requests to the correct host.

I'm having a miserable time connecting to my NDS using ldapbrowser.

Someone please help.
PsiCop

This Question was perhaps best-asked in the NetWare TA (https://www.experts-exchange.com/Networking/Netware/); even though eDirectory is platform-independent, most of the eDirectory-savvy folx hang out there.

Of course, I'm not sure what any of us can do for you, since you haven't bothered to mention minor little details like the VERSION of eDirectory you're using, or what platform it's running on, or what version/patch/SP/whatever you have of that platform, or anything else about your environment that would help an Expert arrive at a solution for you.
gmahler5th (ASKER)

I didn't know the appropriate forum to post this.  Hopefully the moderator will place my question there.

Believe it or not, I've actually done this before, but it was more by accident.

I'm running Windows Server 2003, Novell eDirectory 8.7.  DNS is configured, although not sure it's configured correctly.

I'm trying to connect to the eDirectory with ldapbrowser.  
OK, eDirectory v8.7... is that v8.7.2 or v8.7.3? Any SPs? The absolutely latest version for the Windoze platform is v8.7.3.3 - it's available here --> http://support.novell.com/cgi-bin/search/searchtid.cgi?/2969860.htm

I'm not terribly familiar with eDir on Windoze - I'll see if I can get some other eDir Experts headed over here. Prolly take awhile to get a Mod to move the Question.
Yes, 8.7.3

I just disabled DNS server, as I'm told that isn't required.

Here is my connection string.

http://www.stevetout.com/connection.jpg

Is the host the machine hostname, or the eDir server name?

When specifying the userDN, should I use commas or periods?
I tried doing an nslookup on my machine's name "kirkland" and it didn't resolve correctly... Something is really messed up.

http://www.stevetout.com/nslookup-kirkland.jpg

SOLUTION
hendrixl

hendrixl

Do you get an error message during the failure?
ASKER CERTIFIED SOLUTION
I was able to bind anonymously on port 389.

I disabled TLS for the server and group objects.

My Win2K3 server is not an AD member.  It is a standalone server.  AD is not enabled on this server.  I'm running this server on a laptop with the sole purpose of testing some applications that run against NDS.

With all that said, I still cannot bind as an admin user in ldapbrowser.  Strange, that I can bind anonymously, but not as a user.

Thoughts anyone?
Are you using commas in your DN name?

Here is a link to follow to test LDAP authentication.

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10075010.htm
Here is another that will allow you to troubleshoot the connection failure using DSTrace.

http://support.novell.com/cgi-bin/search/searchtid.cgi?/10080854.htm

lh
I was able to bind using the NDS admin user.  cn=Admin,ou=secure,o=admin

But I have since created other admin users in different branches, and I cannot bind when I specify one of those.

What do I have to change to allow other admin users to bind to the directory?
SOLUTION
Thanks for recommending doing the eDir Trace.  I saw right away a failed authentication, error -669.  I had to specify a simple password instead of NDS password.  Now it's working!

I will split up the points fairly.

Thanks everyone!
Glad we were able to assist you.

lh
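
On the commas-or-periods question raised in the thread: ConsoleOne-style NDS names are dot-delimited, while an LDAP bind DN is comma-delimited (RFC 4514), as in the `cn=Admin,ou=secure,o=admin` that bound successfully. The following is an added example, not code from the thread or from Novell; the function names are hypothetical and every sample name other than the thread's own DN is constructed. It converts a typeful dotted name into an LDAP DN and rejects typeless names, whose attribute types cannot be inferred.

```python
# Added example: convert a typeful, dot-delimited NDS name to an LDAP DN.
# Function names are hypothetical; this is not a Novell or ldapbrowser API.

# RFC 4514 characters that must be backslash-escaped inside an RDN value.
_LDAP_SPECIAL = set(',+"\\<>;')

def _split_unescaped_dots(name):
    """Split on '.', treating a backslash as an escape for the next character."""
    parts, cur, i = [], [], 0
    while i < len(name):
        ch = name[i]
        if ch == "\\" and i + 1 < len(name):
            cur.append(name[i + 1])      # drop the NDS escape, keep the literal
            i += 2
            continue
        if ch == ".":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    parts.append("".join(cur))
    return parts

def _escape_ldap_value(value):
    """Escape one RDN value for use in an LDAP DN string."""
    out = "".join("\\" + c if c in _LDAP_SPECIAL else c for c in value)
    if len(value) > 1 and value.endswith(" "):
        out = out[:-1] + "\\ "           # a trailing space must be escaped
    if value.startswith(("#", " ")):
        out = "\\" + out                 # so must a leading '#' or space
    return out

def nds_to_ldap_dn(name):
    """'cn=Admin.ou=secure.o=admin' -> 'cn=Admin,ou=secure,o=admin'."""
    name = name.strip()
    if name.startswith("."):
        name = name[1:]                  # a leading dot marks a full NDS name
    rdns = []
    for part in _split_unescaped_dots(name):
        attr, sep, value = part.partition("=")
        if not sep or not attr.strip() or not value:
            raise ValueError(
                f"typeless or empty component {part!r}; "
                "use typeful names (cn=..., ou=..., o=...)")
        rdns.append(f"{attr.strip()}={_escape_ldap_value(value)}")
    return ",".join(rdns)

if __name__ == "__main__":
    print(nds_to_ldap_dn(".cn=Admin.ou=secure.o=admin"))
```
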