Re: LDAPSearch AuthName

rickyhadlocon · ‎11-26-2006

Hello,

I have a question regarding LDAPSearch. Do I need to add "CN=" to my user name and add the "@<domainname>.com" to the AuthName. For example: CN=myname@example.com. I'm trying to query our Active Directory server.

Thank you in advance.

Sascha Monteiro · ‎11-27-2006

no

CN=myname, DC=example, DC=com

hth

Sascha

rickyhadlocon · ‎11-27-2006

Thanks Sascha for your reply. I edited my ASP script to but i'm still getting the error below:

XML Error [4]: Parse Error

I test all my credentials using Softera LDAPBrowser and all are working, I can login and perform directory search.

What else could be wrong with script? I used the multidirectory.asp that's included in the IPPS SDK.

stephan.steiner · ‎11-28-2006

Did you try calling the script from a webbrowser? Webbrowsers, even if they can't parse the XML, will give you the source document so you'll see what's wrong (if you use Firefox.. it even points you to the exact element where there's a problem). Or, if your browser can handle the returned content just fine, that's when you can start investigating if the XML might be valid but violate Cisco's XSD. That can happen if you return strings that are too long, just as an example (probably the most common cause leading to XML parser errors when the XML document is valid)

rickyhadlocon · ‎11-28-2006

Thanks Stephan for your reply. No, i haven't try that. What I did is copy a part of the script where it calls for the LDAPSearch.LDAPSearchList. Now I'm getting an error message "Can't contact LDAP server". I think my problem relates to bad credentials. How do write the AuthName if you are connecting to an Active Directory? Tried "cn=myname@example.com" but it didn't work.

stephan.steiner · ‎11-29-2006

I can't speak for Cisco's classes. In fact, looking around this board and seeing just how many people can't get LDAPSearch right, I'm glad I wrote my own code.. it usually takes a debug session or two for a new directory, but that teaches me the specialties of each directory and so far I've managed to connect to everything.

When I connect to AD, all I have to do is specify the username and password.. no cn, no tags whatsoever required for the authentication.

rickyhadlocon · ‎11-29-2006

I was able to make it work today! All I did is to comment out the line s.Port = 636 and put "myname@example.com in the s.AuthName and it work! I am very happy.

Thank you again for all of your replies.

anlombar · ‎01-14-2007

Ricky,

I'm very happy for you. ;-)

I have tried to follow your indications but without success...

I'm trying to change the configuration of the file ldapdirectorylist.asp (the default file of the LDAP Search COM Server Sample)but doesn't work....

Could you post the file what you have configured and what work fine ?

Thanks

Antonio

rickyhadlocon · ‎01-14-2007

Antonio,

Below is how i configured my script:

server =

searchbase = ou=people,dc=company,dc=com

userid = userid@company.com

password =

and lastly, i commented out the ldap port.

Hope this helps.

Regards,

Ricky