LDAP v2 Query EDirectory

mhorany_ironport · ‎06-27-2008

S650 Upgraded to ASyncOS v5.2.1

Attempting to write LDAP query to EDirectory server.

Keep getting this error
Checking connectivity of LDAP Server(s)...
Success: Server 'server ip omitted' responding to queries on port 389.

Attempting to fetch user information...
Failure: Unable to fetch user DN information from server 'server ip omitted'.Please check the Base DN, User Name Attribute and User Filter values.

Attempting to fetch group information...
Warning: Server 'server ip omitted' returned no valid groups for the configured Group parameters.

My Query is as follows:

User Authentication:
Base DN: o=WFISD

User Name Attribute: cn

User Filter Query: Custom - objectclass=users

Query Credentials:
Server Accepts Anonymous Queries

Define Group Authorization Query
Group Name Attribute: cn

Group Filter Query: Custom - objectclass=group

Group Membership Attribute: member

Any help would be appreciated.... note the same LDAP query in version ASyncOS 5.1 worked.

Thanks in advance

mhorany_ironport · ‎06-30-2008

figured it out...

jowolfer · ‎07-01-2008

Mhorany,

If you wouldn't mind sharing, what did you do to remedy the problem?

mhorany_ironport · ‎07-01-2008

Well, we thought we were running LDAP v2, but turns out...when I put the ironport to v3 the query worked beautifully.

The base DN o=wfisd (our entire tree) with no custom query was sufficient.

took the user filter query out of the base DN all together.

Then, server accepts anonymous logins. (no problem here either)

For the group query, set it to custom, we set the search to:

cn

objectclass=group

query members.

I believe the entire problem however was the ldap v2 or v3 issue.