Sorry, I don't know what happens with my two previous posts Thank for your responses. Now I'm able to get the users information in cn=user, dc=doamin,dc=com. But I still have another question: AD doesn't allow anonymous bind, but I have binddn and bindpw directives in slapd.conf. So , why have I to put -D user_dn when I'm using ldapsearch?? Doesn't it will work with the slapd.conf binddn and bindpw?? (sorry about my english :( ) Tahnks -- CodeSyntax anaberan@codesyntax.com www.codesyntax.com Tel: 943 82 17 80 Pierangelo Masarati(e)k dio: By default AD reveals users information only to bound clients; as a consequence, you need to bind with some identity. This topic has been mentioned many times in the past, I suggest you browse the mail archives for suggestions. BTW, you don't need --enable-rewrite if you don't use suffixmassage or any rewrite* directive.Of course, this has very little to do with OpenLDAP software. You have the same problems if you directly query AD. p. |