[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldapsearch 2.0 vs. 2.1 against a netware LDAP server



I'm trying to figure out how to authenticate users against a Novell Netware
6.5 LDAP server (eDirectory 8.7.1).

So far I'm just trying to query the server using ldapsearch.

Using ldapsearch from openldap-2.1.26 (either on Debian or Gentoo); I can
query the server and get a meaningful response (i.e. it returns a record).

Using the exact same command with ldapsearch from openldap-2.0.27 (on redhat
7.3; or whitebox 3.0); it gives me an NDS error of 'no such entry'.

Using a similar command (same options, different server) from ldapsearch
2.0.27 against an openldap 2.0.27 server (on Linux); works just fine,
returning the expected record.

Any idea what would cause the discrepancy? I've tried ldap v2 and v3
protocols, and it seems to make no difference. tried a large number of other
options, to no avail.

here's the commands and the (edited for privacy) results. is the 'matchedDN:
dc=com' line in the failed command, an issue? shouldn't it be
'cn=chrome,dc=ourdomain,dc=com' or something like that?

here's the failing one:
$ldapsearch -u -D "cn=admin,dc=ourdomain,dc=com" -H
ldap://ldapserver.int.ourdomain.com/ -x -v -W cn=chrome
ldap_initialize( ldap://ldapserver.int.ourdomain.com/ )
Enter LDAP Password: 
filter: cn=chrome
requesting: ALL
version: 2

#
# filter: cn=chrome
# requesting: ALL
#

# search result
search: 2
result: 32 No such object
matchedDN: dc=com
text: NDS error: no such entry (-601)

# numResponses: 1


here's the succeeding one:
$ldapsearch -u -D "cn=admin,dc=ourdomain,dc=com" -H
ldap://ldapserver.int.ourdomain.com/ -x -v -W cn=chrome 
ldap_initialize( ldap://ldapserver.int.ourdomain.com/ )
Enter LDAP Password: 
filter: cn=chrome
requesting: ALL
# extended LDIF
#
# LDAPv3
# base <> with scope sub
# filter: cn=chrome
# requesting: ALL
#

# chrome, ourdomain.com
dn: cn=chrome,dc=ourdomain,dc=com
ufn: chrome, ourdomain.com
uid: chrome
sn: Carl
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: ndsLoginProperties
objectClass: top
loginTime: 20040412213035Z
cn: chrome
ACL: 2#subtree#cn=chrome,dc=ourdomain,dc=com#[All Attributes Rights]
ACL: 6#entry#cn=chrome,dc=ourdomain,dc=com#loginScript
ACL: 2#entry#[Public]#messageServer
ACL: 2#entry#[Root]#groupMembership
ACL: 6#entry#cn=chrome,dc=ourdomain,dc=com#printJobConfiguration
ACL: 2#entry#[Root]#networkAddress

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1



Carl Soderstrom.
-- 
Systems Administrator
Real-Time Enterprises
www.real-time.com