Forum .LRN Q&A: Re: External authentication with dotLRN (LDAP)

Posted by Carl Robert Blesius on
It is good to hear you got ldapsearch working Shahid, that is an important step.

I am assuming that you can do something like this now:

ldapsearch -h -D "CN=youruseraccount,CN=Users,DC=yourdomain,DC=com" -x -W -b "CN=Users,DC=yourdomain,DC=com" -t cn=youruseraccount

And it asks you for your password and spits out a lot of data.

-h: Domain Controler NetBios Name/Fully Qualified Domain Name
-D: The Distinguished Name of the user account used to query Active Directory
-x: Simple authentication mechanism
-b: The Base Distinguished Name of the starting point for the search
-W: Prompt for simple authentication

If that works, then the backend pieces are working and you can use that info to fill in the driver .

Can you give me the details on what you are trying to do?

I just read through your posts in more detail and I am not sure what you are trying to do.

I assume your users are already in Active Directory?

If you got the ldapsearch working, see if you can get On-Demand Sync working next, with password management, account registration, and batch sync all disabled (because I can assure you that works).

I am also interested in which version of the code you are running. We made some minor fixes that are now in 5.2 and/or HEAD