Thanks for the procedure!
I was able to get my Windows 7 client to authenticate against my Mac OS X 10.5.8 Server, and wanted to provide some additional details for others about LDAP settings. I am using pGina-2.0 Build 109 and version 1.5.3 of the LDAPauth Plus plugin for pGina, both of which I downloaded from Sourceforge (http://sourceforge.net/projects/pgina/files/).
After installing pGina, I extracted the ldapauth_plus.dll file from the ldapauth_plus.zip file. I then moved this DLL file to the C:\Program Files\pGina\plugins directory. Once the DLL was moved to the appropriate directory, I started the Configure pGina program from the Start Menu. In this program, I selected Plugin from the tree menu on the left, and then clicked the Browse button on the right-hand side of the dialog box to browse and select the ldapauth_plus.dll file that I just moved to the plugins directory.
Once the LDAPauth plugin file had been selected, I clicked on the Configure button in the pGina configuration program, which brings up the LDAPauth configuration dialog box.
There are three LDAP Methods to choose from - Search Mode, MultiMap Mode, and Map Mode - and I chose Map Mode, which is the simplest of the options. If you leave the 'Port' field empty, LDAPauth will use the default LDAP port of 389. I left the 'Admin User' and 'Admin Pass' fields empty.
The correct settings to use for the 'PrePend' and 'Append' fields weren't immediately obvious to me, but I was able to figure out the correct settings for my environment using the LDAPManager Cocoa application (http://ldapmanager.sourceforge.net/) and a Linux tutorial for LDAP Authentication with Windows 2000 (http://www.yolinux.com/TUTORIALS/LDAP_Authentication.html#WINDOWS).
For the 'PrePend' field, use the value:
uid=
The value to use for the 'Append' field will depend on how you have configured Open Directory. Start the Server Admin program (and keep in mind that these steps might be slightly different for 10.6.x than for 10.5.8), browse to your server in tree-view on the left, and select the Open Directory service from the list of services running on your server. In the right-hand pane, click on the Settings icon, and then the LDAP tab. There should be a field that says 'Search Base', with a value that looks something like this:
dc=mydomain,dc=com
In pGina's LDAPauth configuration dialog box, the 'Append' field for this example should be:
cn=users,dc=mydomain,dc=com
and, in general:
cn=users,[String from 'Search Base' field]
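
The following is an added example, not part of the comment above and not code from pGina or LDAPauth: it derives the 'Append' value from an Open Directory Search Base and previews the DN a Map Mode login would bind as, so the values can be checked before they are typed into the dialog. It assumes the plugin joins PrePend, the login name and Append with a comma before Append, as the values above imply; the function names and the sample logins are constructed for illustration.

```python
import re

# Characters that RFC 4514 requires to be backslash-escaped in a DN value.
_SPECIAL = set('"+,;<>\\')
# One simple RDN such as dc=mydomain (single-valued, no escapes).
_RDN = re.compile(r"^[A-Za-z][A-Za-z0-9-]*=[^,=+]+$")


def escape_rdn_value(value: str) -> str:
    """Escape a login name for use as an attribute value in a DN string."""
    if not value:
        raise ValueError("empty login name")
    last = len(value) - 1
    out = []
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _SPECIAL or (i == 0 and ch in "# ") or (i == last and ch == " "):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def append_from_search_base(search_base: str, container: str = "cn=users") -> str:
    """Build the 'Append' value: users container followed by the Search Base."""
    parts = [p.strip() for p in search_base.split(",")]
    if not all(_RDN.match(p) for p in parts):
        raise ValueError(f"not a simple DN: {search_base!r}")
    return ",".join([container] + parts)


def map_mode_dn(login: str, prepend: str, append: str) -> str:
    """Preview the bind DN (assumed form: PrePend + login + ',' + Append)."""
    return f"{prepend}{escape_rdn_value(login)},{append}"


if __name__ == "__main__":
    append = append_from_search_base("dc=mydomain,dc=com")
    print("Append:", append)
    # Constructed logins: a plain one, and one containing a DN separator.
    for login in ("jdoe", "doe,j"):
        print(login, "->", map_mode_dn(login, "uid=", append))
```

The second login shows why the preview matters: an unescaped comma in a login name would change which entry the resulting DN names.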