[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Outlook Express 5.0 and OpenLDAP
Ok, to reply to my own message, I've now gotten to where it(at least
most of the the time) doen't return an error. Unfortuneately, it also
never returns a value. :) I have my search base set to "dc=mydomain,
dc=com"(without the quotes) and I'm searching for "cn=Chris Readle" it
finds no matches, when I can do the same search with ldapsearch and it
returns fine. I attached a relevant section of my logs.
chris
Chris Readle wrote:
>
> Ok, switching over and testing netscape(which I have loaded on a couple
> of clients) it seems that any search that I do returns either a no such
> object 0x20, or fails to bind with an Unknown Error 0xFFFFFFFF.
>
> chris
>
> Charles Rouzer wrote:
> >
> > I am doing the same thing, but at the moment have just tested with
> > netscape.
> > I have found that netscape wants to receive the entry and matched mail
> > attr and value.
> >
> > For instance, if I logged in with user@domain.com and a password, the
> > client expects to receive:
> >
> > dn: uid=user, dc=domain, dc=com, c=US
> > mail: user@domain.com
> >
> > If it doesn't receive "mail: user@domain.com" along with the entry,
> > netscape gives an error of "Mail ID invalid", but receives the dn and
> > will continue to bind to the server with the users dn. Using the
> > slapd.conf access list below should help you out. I am still trying to
> > figure out how I can disallow an anonymous user from grabbing all of the
> > mail attributes values from every record (ie, filter of mail=*). I
> > would like an anonymous user to only have access to an exact matching
> > mail=user@domain.com filter, to satisfy netscape and others and deny all
> > other anonymous connections.
> >
> > defaultaccess none
> > access to attr=entry
> > by * read
> > access to attr=mail
> > by dn=".+" read
> > by * search
> > access to attr=userpassword
> > by self write
> > by * none
> > access to *
> > by self write
> > by dn=".+" read
> > by * none
> >
> > index uid,mail eq
> > index default none
> >
> > Chris Readle wrote:
> > >
> > > Hi there,
> > >
> > > I was able to get my ldapsearch thingy fixed and now I can search my
> > > ldap database like never before :). What my actual purpose for this is
> > > to use the LDAP server as a "global addressbook" for my Outlook
> > > clients. Basically, what I would like is for them to be able to click
> > > "New Message" and then "To:" and have it bring up the contents of the
> > > LDAP database to select the email recipients. I've set this up in
> > > outlook, but whenever I go into the address book from the LDAP directort
> > > server it's blank. Also, when I try to do a search, it comes back with
> > > invalid credentials no matter what I put in. Thanks.
> > >
> > > chris
> >
> > --
> > Charles Rouzer - Vital Information Technology, Inc. - Greensboro, NC
Feb 22 14:54:19 server slapd[777]: conn=38 fd=27 connection from server.mydomain.com (216.71.32.74) accepted.
Feb 22 14:54:19 server slapd[2311]: conn=38 op=0 BIND dn="" method=128
Feb 22 14:54:19 server slapd[2311]: conn=38 op=0 RESULT err=0 tag=97 nentries=0
Feb 22 14:54:19 server slapd[2312]: conn=38 op=1 SRCH base="DC=MYDOMAIN,DC=COM" scope=2 filter="(cn=*CHRIS* *READLE*)"
Feb 22 14:54:19 server slapd[2312]: conn=38 op=1 RESULT err=0 tag=101 nentries=0
Feb 22 14:54:19 server slapd[777]: conn=38 op=-1 fd=27 closed errno=0
Feb 22 14:54:19 server slapd[2313]: conn=38 op=2 UNBIND