connect to Open Directory using LDAP

Hey guys,


I have an Open Directory server, let's call it odir.domain.com, and I want to connect to it using LDAP. I created a user called ldapadm with permissions to administer the server, and I tried to connect to it using cn=ldapadm,dc=domain,dc=com and its password. I also tried using cn=ldapadm,dc=odir,dc=domain,dc=com and its password, but they all failed to log in. Can anybody tell me what I'm missing?


Thanks

Posted on Jul 11, 2018 3:25 PM

Question marked as Best reply

Posted on Jul 12, 2018 1:29 PM

I found what I was looking for. It turns out that I had to use cn=username,cn=users,dc=odir,dc=example,dc=com. I thought Open Directory used OUs (like everybody else), but when I saw the LDAP tree, everything in it is CN.


Thanks for your help.
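For a web login that checks credentials with a simple bind, the DN form reported above can be built from the submitted username as follows. This is an added example, not code from the thread: the function names are hypothetical, and it assumes the directory base mirrors the server's FQDN as in the poster's tree, which should be confirmed against the actual LDAP tree.

```python
# Added example; helper names are hypothetical. The DN layout
# (cn=<user>,cn=users,dc=...) is the one reported in the thread.
import re

# Characters RFC 4514 requires escaping anywhere inside an attribute value.
_SPECIAL = set('\\,+"<>;')
_LABEL = re.compile(r"^[A-Za-z0-9-]+$")


def escape_rdn_value(value: str) -> str:
    """Escape a string for use as an RDN value (RFC 4514, section 2.4)."""
    out = []
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append("\\00")
        elif ch in _SPECIAL:
            out.append("\\" + ch)
        elif i == 0 and ch in " #":          # leading space or '#'
            out.append("\\" + ch)
        elif i == len(value) - 1 and ch == " ":  # trailing space
            out.append("\\ ")
        else:
            out.append(ch)
    return "".join(out)


def od_bind_dn(username: str, server_fqdn: str) -> str:
    """Build cn=<user>,cn=users,dc=... (assumes base DN follows the FQDN)."""
    if not username:
        raise ValueError("empty username")
    labels = server_fqdn.rstrip(".").split(".")
    if not all(_LABEL.match(label) for label in labels):
        raise ValueError("unexpected character in server name")
    base = ",".join("dc=" + label.lower() for label in labels)
    return "cn=%s,cn=users,%s" % (escape_rdn_value(username), base)


def check_login_input(username: str, password: str, server_fqdn: str) -> str:
    """Return the DN to bind with, refusing input that must not reach the server."""
    if not password:
        # A simple bind with a DN and an empty password is an "unauthenticated
        # bind" (RFC 4513, section 5.1.2); some servers report it as success.
        raise ValueError("empty password")
    return od_bind_dn(username, server_fqdn)


if __name__ == "__main__":
    # Constructed sample input.
    print(check_login_input("ldapadm", "constructed-password", "odir.example.com"))
```

The returned DN and the password are then passed to whatever LDAP client library the web interface uses for the simple bind.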

4 replies

Jul 11, 2018 3:41 PM in response to jfha28

This is posted in the Lion Server area — which is very old — and it's not entirely clear to me if this LDAP connection is attempting to connect from a client to an Open Directory LDAP directory running on a local Lion Server system, or if this is attempting to connect the directory to another directory server, or a client connecting to another directory server such as might be offered by a local Linux system. A few more details here might help me to be more certain of the configuration.


I'll assume that network connectivity has been verified, and that DNS is correctly configured for the server. If DNS for the server is hosed — name to address and address to name don't match up — then all sorts of problems can arise.


Check the LDAP server logs and see if there's anything relevant logged there.


FWIW, that domain.com domain is a real and registered domain, so I'm going to assume by your phrasing that isn't what you're using. For cases such as this as well as use in documentation and elsewhere, example.com, example.org and example.net are safer choices, as those domains are explicitly not real domains and will not be registered.

Jul 11, 2018 3:47 PM in response to MrHoffman

Yes, this is an old server. I'm trying to connect to it from a web interface using LDAP authentication, not to bind to it, just to log in and check credentials. The DNS is set up correctly, and all the clients can ping it using its name. I was just thinking that since this is an Apple flavor of LDAP I will need something else, like ou=People in addition to the DN I already posted, but I wanted to make sure what I needed to use to log in to it.


Thanks.
