rootdse and ldap uri's
I have worked on this for about a month now and can't figure it out so I
thought I would toss my problem into the list to see if anyone else can
help me solve it.
I have two LDAPs running in my organization. The first is a Lotus Domino
LDAP service which works well. The second is an OpenLDAP system running on
Red Hat Linux 7.2 and this is working but not quite the way I want it to.
This is the problem:
I can contact the Domino LDAP server from my IE browser by just
specifying the URI (ldap://server) but in order to contact the OpenLDAP
server I have to specify the entire URI with arguments
(ldap://server/base??scope?filter). If I don't specify the arguments then
the server returns zero entries.
There is a distinct difference between the RootDSE entries of the two
LDAPs, and after going through the schema I can't see how the Domino LDAP
RootDSE is being defined.
Here they are:
Domino LDAP:
dn:
supportedsaslmechanisms: EXTERNAL
supportedldapversion: 3
supportedldapversion: 2
subschemasubentry: cn=schema
supportedextension: 1.3.6.1.4.1.1466.20037
supportedextension: LanguageCodes
objectclass: top
namingcontexts:: AA==
and the OpenLDAP:
dn:
objectClass: top
objectClass: OpenLDAProotDSE
This is the content of my slapd.conf file:
# $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 1.8.8.7 2001/09/27 20:00:31 kurt Exp $
#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include /etc/openldap/schema/core.schema
include /etc/openldap/schema/cosine.schema
include /etc/openldap/schema/inetorgperson.schema
include /etc/openldap/schema/nis.schema
include /etc/openldap/schema/misc.schema
include /etc/openldap/schema/redhat/autofs.schema
include /etc/openldap/schema/redhat/kerberosobject.schema
include /etc/openldap/schema/redhat/samba.schema
pidfile /usr/local/var/slapd.pid
argsfile /usr/local/var/slapd.args
access to * by * read
defaultaccess read
defaultsearchbase dc=hub
#######################################################################
# ldbm database definitions
#######################################################################
database ldbm
suffix dc=hub
rootdn "cn=Manager,dc=hub"
rootpw mysecretpassword
directory /var/lib/ldap
index objectClass eq
index cn,sn,uid pres,eq,sub
As you can see, I've tried to keep the rules to a minimum to make sure that
they didn't interfere with the access but still no luck.
This is what the IE browser is looking for when I just put the IP of the
ldap server and then request "ken".
attrs: display-name cn commonName mail otherMailbox givenName sn surname
st c co organizationName o ou organizationalUnitName URL homePhone
facsimileTelephoneNumber otherFacsimileTelephoneNumber OfficeFax mobile
otherPager OfficePager pager info title telephoneNumber l homePostalAddress
postalAddress streetAddress street department comment postalCode
physicalDeliveryOfficeName initials conferenceInformation
userCertificate;binary userSMIMECertificate;binary labeledURI Manager
Reports IPPhone
conn=0 op=2 SRCH base="c=US" scope=2 filter="(|(mail=ken*)(|(cn=ken*)(|(sn=ken*)(givenName=ken*))))"
Any help or guidance would be appreciated!
Ken Smith
Network Systems Administrator
Barton Insurance Brokers Ltd
TEL:(604)703-7056
CEL:(604)793-3703
FAX (604)703-7099
ksmith@barton.ca
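Added example, not part of the original post: Python that expands the two URI forms mentioned above using the RFC 4516 defaults (empty base, scope base, filter (objectClass=*)) and reads namingcontexts from the two root DSE dumps. The function names and the sample URI ldap://server/dc=hub??sub?(cn=ken*) are made up for illustration; the Domino dump is abbreviated.

```python
import base64
from urllib.parse import unquote, urlsplit

def parse_ldap_url(url):
    """Expand an LDAP URL into the search it asks for (RFC 4516 defaults)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    # After the DN come '?'-separated attrs, scope and filter; pad missing ones.
    attrs, scope, flt = (unquote(f) for f in (parts.query.split("?") + [""] * 3)[:3])
    return {
        "host": parts.netloc,
        "base": unquote(parts.path.lstrip("/")),  # "" addresses the root DSE
        "attrs": [a for a in attrs.split(",") if a],
        "scope": scope or "base",                 # default scope: base object
        "filter": flt or "(objectClass=*)",       # default filter: match anything
    }

def parse_ldif_entry(text):
    """Parse one LDIF entry; 'attr:: value' is base64 and is returned as bytes."""
    entry = {}
    for line in text.strip().splitlines():
        name, _, value = line.partition(":")
        if value.startswith(":"):
            value = base64.b64decode(value[1:].strip())
        else:
            value = value.strip()
        entry.setdefault(name.strip().lower(), []).append(value)
    return entry

def naming_contexts(rootdse_ldif):
    """Suffixes a server advertises in its root DSE (empty list if none shown)."""
    return parse_ldif_entry(rootdse_ldif).get("namingcontexts", [])

# Root DSE dumps copied from the post (Domino abbreviated to three lines).
DOMINO = "dn:\nsupportedldapversion: 3\nnamingcontexts:: AA=="
OPENLDAP = "dn:\nobjectClass: top\nobjectClass: OpenLDAProotDSE"

if __name__ == "__main__":
    print(parse_ldap_url("ldap://server"))                        # bare URI
    print(parse_ldap_url("ldap://server/dc=hub??sub?(cn=ken*)"))  # constructed
    print("Domino:", naming_contexts(DOMINO))
    print("OpenLDAP:", naming_contexts(OPENLDAP))
```

Under these defaults a bare ldap://server is a base-scope read of the empty DN, which returns the root DSE only. Of the two dumps, the Domino one lists a namingcontexts value (a single NUL byte once decoded) and the OpenLDAP one lists none.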
"OK!!! Who's the #$@^ that put a stop payment on my reality check???"