[Date Prev][Date Next] [Chronological] [Thread] [Top]

namingContexts not working?

I am trying to set up a public address book server for use within my
organization.  It's working fine, using anonymous binds.

However, I'd like to remove the requirement that the end users enter the
search base in their clients.  Most of these people are sales, marketing,
billing, etc, and some bizarre string like "ou=addressbook,o=My Company" is
sure to result in typos and support headaches.

My understanding is that if a search base is not set (i.e. -b '') one can
look at the namingContexts attribute in the root DSE to find the branch
names.  Testing with Outlook Express and Mozilla showed that this didn't
work (they couldn't find the search base on their own).

I even removed the operational status from namingContexts (removed the
USAGE portion of the definition), although I really hate doing that.  But
still the clients are unable to find the search base.  I can see, however,
that namingContexts is returned with the entry...

  ldapsearch -b '' -s base 'objectclass=*'

returns the root DSE along with my directory's suffix in the namingContexts
attribute.  I only have one suffix defined, so it returns one value for
namingContexts (I assume this means clients can't get confused about which
branch they should use since there is only one).

Is what I'm trying to do possible, or am I stuck with several thousand end
users in six countries typing in a DN string by hand in their client

(I tested this with Outlook 2002, Outlook Express 5.5, and Mozilla 1.0)


The [public relations] version of the Titanic story would be headlined:
					-Doc Searls, "The Cluetrain Manifesto"