Re: LDAP Authentication to Lotus Domino?




Charles Richards wrote:
> Has anybody done any authentication to Lotus Domino using LDAP?
> 
> I selected LDAP options in the "authconfig-tui" application, per the  
> documentation here:
> 
> http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-ldap-pam.html
> 
> 
> when I try to query the directory for user information though, I get  
> no results using the ldapsearch command
> 
> [root@ldapclient ~]# ldapsearch -x uid=crichards
> 
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
> 
> # search result
> search: 2
> result: 0 Success
> 
> # numResponses: 1
> 
> 
> I'm not quite sure what I'm missing, as I can manually query the
> directory for, say, a uid, with the "ldapsearch" command with options
> specified and it returns the correct info from the directory.
> 
> [root@ldapclient ~]# ldapsearch -H ldap://domino.mydomain.com -W -D Charles\ Richards -x uid=crichards
> 
> Enter LDAP Password:  ****
> # extended LDIF
> #
> # LDAPv3
> # base <> with scope subtree
> # filter: uid=crichards
> # requesting: ALL
> #
> 
> # Charles Richards, NewPush
> dn: CN=Charles Richards,O=MyDomain
> cn: Charles Richards
> mail: CRichards@xxxxxxxxxxxx
> displayname: Charles Richards/MyDomain
> messagestorage: 1
> encryptincomingmail: 0
> roaminguser: 0
> 
> <snip> ...
> 
> 
> I have a feeling I'm missing something in my /etc/ldap.conf regarding  
> how I'm binding to the directory (I've tried using my CN=Charles  
> Richards for the binddn and rootbinddn to no avail...)
> 

The bad news is that you can't use the integrated LDAP in Domino for
anything other than Domino attributes.
You can't modify or add external schemas (like posix, samba, etc.),
or has that changed?
Last time I looked at that it hadn't. Even their email addresses are not
really compliant because they are a combination of the mail, uid and other
attributes (like short name/alternate name).
I had to put a sendmail relay box in front of multiple Domino servers,
and I preferred querying the LDAP once and building a local access table for
sendmail to querying the Domino LDAP for each incoming mail.
BTW, I had to specify '-b ROOT' for the ldapsearch command before I could
list the attributes.
Hope that helps.

-- 
-
Fabian Arrotin <fabian.arrotin@xxxxxxxxxx>
"Internet network currently down, TCP/IP packets delivered now by 
UPS/Fedex ..."



_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
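
Querying the directory once and building a local table for the relay, as the reply above describes, depends on parsing the LDIF correctly, including folded lines and base64 values. The following is an added example, not code from the thread: the sample entries are constructed, the function names are hypothetical, and the `To:<address> RELAY` line layout is an assumption, since the post does not show its table.

```python
import base64

# Constructed sample in the LDIF shape ldapsearch prints (not real directory
# data). It has a folded line (continuation starts with one space) and a
# base64 value ("attr:: ..."), both of which LDIF permits.
SAMPLE_LDIF = """\
dn: CN=Alice Example,O=ExampleOrg
mail: AExample@example.org

dn: CN=Bob Sample,O=ExampleOrg
mail: a-very-long-address-for-bob.sample@mail.exam
 ple.org

dn: CN=Carol Test,O=ExampleOrg
mail:: Y3Rlc3RAZXhhbXBsZS5vcmc=

dn: CN=No Mail,O=ExampleOrg
cn: No Mail
"""

def parse_ldif(text):
    """Yield one dict per entry: lower-cased attribute name -> list of values."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:   # unfold: continuation of previous line
            lines[-1] += raw[1:]
        else:
            lines.append(raw)
    entry = {}
    for line in lines + [""]:               # trailing "" flushes the last entry
        if not line.strip():
            if entry:
                yield entry
                entry = {}
            continue
        name, sep, value = line.partition(":")
        if not sep or line.startswith("#"):  # skip comments and malformed lines
            continue
        if value.startswith(":"):           # "attr:: <base64>"
            value = base64.b64decode(value[1:].strip()).decode("utf-8")
        entry.setdefault(name.lower(), []).append(value.strip())

def access_table(text, action="RELAY"):
    """Return sorted table lines, one per unique address (layout is assumed)."""
    rcpts = {m.lower() for e in parse_ldif(text) for m in e.get("mail", [])}
    return [f"To:{r}\t{action}" for r in sorted(rcpts)]

if __name__ == "__main__":
    print("\n".join(access_table(SAMPLE_LDIF)))
```

Entries without a `mail` attribute produce no line, so a recipient missing from the directory is simply absent from the table.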
