Menu
▾
▴
RE: Active Directory authenticaion via UNIX
|
From: Rick T. <Ric...@sa...> - 2003-03-13 22:40:33
|
You're dn syntax is probably wrong... backwards, actually. Try =
"cn=3DMY_USER_ID,dc=3DMY_DOMAIN_SUFFIX,dc=3DMY_DOMAIN" instead (like =
"cn=3DJoe User,dc=3Dcompany,dc=3Dcom")
=20
I've actually been working on a proxy do handle this very thing (i.e. =
take an anonymous bind to Active Directory and use a general use account =
instead) It also proxies to the Global Catalog port, instead of the =
general LDAP port since, in AD, port 389 only give access to the domain =
level, not the entire forest. I'll tidy it up and share it soon, if =
there's interest.
=20
Rick
---=20
Rick Tatem=20
Messaging and Directory Resources=20
-----Original Message-----
From: Jason Jolly [mailto:jas...@ho...]
Sent: Thursday, March 13, 2003 5:14 PM
To: Ken Cornetet
Cc: per...@li...
Subject: Re: Active Directory authenticaion via UNIX
Thanks Ken. I wasn't aware of that.......
=20
You don't, by chance, happen to know how to determine what dc / cn =
information should be used for the connection:
=20
=
$ldap->bind(dn=3D>"dc=3DMY_DOMAIN,dc=3DMY_DOMAIN_SUFFIX,cn=3DMY_USER_ID",=
password=3D>"MY_PASSWORD")=20
=20
on the Active Directory side (AD browser, etc)?
=20
I've talked to my NT administrator and he states this is correct, but =
this syntax always fails and I get this sinking feeling that I'm doing =
something wrong that is *VERY* easy....
=20
thnx,
=20
~j
|
