> Could you do a "ldapclient -u", stop ldapcachemgr/nscd, remove everything > from /var/ldap. > Then try the first ldapsearch test queuery but this time authenticating as > proxyagent. Worked! I get a bunch of stuff: bash-2.03# ldapsearch -D "uid=proxyagent,ou=profile,dc=foo,dc=com" -w password -h cnyitlin02 -s base -b "" "objectclass=*" objectClass=top namingContexts=dc=foo,dc=com namingContexts=o=NetscapeRoot supportedExtension=2.16.840.1.113730.3.5.7 supportedExtension=2.16.840.1.113730.3.5.8 supportedExtension=2.16.840.1.113730.3.5.3 supportedExtension=2.16.840.1.113730.3.5.5 supportedExtension=2.16.840.1.113730.3.5.6 [blah blah] > > What value has "nisdomain" in the FDS tree? # composers.foo.com, foo.com dn: nisdomain=composers.foo.com,dc=foo,dc=com nisDomain: composers.foo.com objectClass: top objectClass: nisdomainobject > Try the ldapclient -v -P... line again. same result: found baseDN nisdomain=composers.foo.com,dc=foo,dc=com for domain composers.foo.com The download of the profile failed. Could not read the profile 'default'. Perhaps it does not exist or you don't have sufficient rights to read it. bash-2.03# one small note: I removed the old proxy agent: # proxyagent, profile, foo.com dn: cn=proxyagent,ou=profile,dc=foo,dc=com objectClass: top objectClass: person sn: proxyagent cn: proxyagent and added this (hoping that'll fix it): # proxyAgent, profile, foo.com dn: uid=proxyAgent,ou=profile,dc=foo,dc=com uid: proxyAgent givenName: Proxy objectClass: top objectClass: person objectClass: organizationalPerson objectClass: inetorgperson sn: Agent cn: Proxy Agent needless to say, it did nothing. ____________________________________________________ Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs
