|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
AW: LDAP lookups from a Windows 2003 AD Server
From: Sven Riedel (sr
baghus.net)
Date: Mon May 02 2005 - 02:49:57 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Are you actually binding...
>
> bind = yes
> bind_dn = cn=username,ou=someou,dc=domain,dc=net
> bind_pw = secret
Yes. And the running
postmap -vv -q <email> ldap:/etc/postfix/myldaplookup.cf
does show that the bind was successful.
Doing something like
bind = yes
bind_dn = cn=myuser,ou=users,dc=my,dc=domain
bind_pw = secret
search_base = dc=my,dc=domain
results in an operations error, but
bind = yes
bind_dn = cn=myuser,ou=users,dc=my,dc=domain
bind_pw = secret
search_base = ou=email,dc=my,dc=domain
works just fine (without changing dsHeuristics or any
user privilege).
> allow anoymous ... which doesn't seem like the best idea.
True, I'm not in love with this solution myself, but it's the
only one I got working.
Which windows server and service pack are you using? My tests
were with the german windows 2003 sp1.
Regs,
Sven
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]