On Tue, 6 Apr 2010 14:07:06 -0500, Mark Hammack <[email protected]> wrote:
>I am attempting to write an LDAP client on z/OS that will bind to AD running
>on Windows 2003 Server using the C API. The ldap_init() returns 0 and seems
>to connect OK (the only problem I have with this is that I tried an invalid
>server name and still got a return code 0). When I issue the
>ldap_sasl_bind()/ldap_request(), I get an error back indicating that the
>user is not defined (return code 49, data 525 error). For the DN string
>("who" parameter), I have tried "cn=user.name,o=company,c=US",
>"uid=user.name", etc. (everything I can think of anyway) in both codepage
>1047 and 1252 all with the same results. BTW, when I use the invalid LDAP
>server name, I get a completely different error so apparently, the
>connection is fine.

In order to bind, you have to have a valid dn ("who"). To get a valid dn,
you search() on something unique like "[email protected]". Then
you bind using the returned DN. Bind() will not do an implicit search().

The set of attributes that constitute a dn are defined by the schema (I
can't figure out what to search in the schema to find it, though).
cn=my name,ou=place,o=company,c=us is common, but there are others. Talk to
the LDAP owner.

Alan Altmark
z/VM Development
IBM
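
The search-then-bind sequence described in the reply puts a user-supplied login value into a search filter and then binds with the returned DN. The following is an added example, not code from this thread or from any LDAP library: it escapes the value per RFC 4515 before the search and refuses an empty password before the bind. The function names and the choice of `userPrincipalName` as the lookup attribute are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Escape an assertion value per RFC 4515: NUL ( ) * \ become "\xx".
 * Assumes ASCII/UTF-8 input. Returns escaped length, or -1 if out is too small. */
int ldap_escape_value(const char *in, size_t inlen, char *out, size_t outlen)
{
    static const char hex[] = "0123456789abcdef";
    size_t o = 0;
    if (outlen == 0) return -1;
    for (size_t i = 0; i < inlen; i++) {
        unsigned char c = (unsigned char)in[i];
        int special = (c == 0 || c == '(' || c == ')' || c == '*' || c == '\\');
        if (o + (special ? 3 : 1) >= outlen) return -1;  /* keep room for NUL */
        if (special) {
            out[o++] = '\\';
            out[o++] = hex[c >> 4];
            out[o++] = hex[c & 0x0f];
        } else {
            out[o++] = (char)c;
        }
    }
    out[o] = '\0';
    return (int)o;
}

/* Build "(attr=login)" for the DN lookup; attr is chosen by the program,
 * login comes from the user. Returns 0 on success, -1 on bad input or overflow. */
int build_lookup_filter(const char *attr, const char *login, char *out, size_t outlen)
{
    char esc[256];
    if (login == NULL || login[0] == '\0') return -1;
    if (ldap_escape_value(login, strlen(login), esc, sizeof esc) < 0) return -1;
    int n = snprintf(out, outlen, "(%s=%s)", attr, esc);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* A simple bind with a DN but an empty password is an unauthenticated bind
 * (RFC 4513 section 5.1.2) and can return success, so reject it before bind. */
int bind_inputs_ok(const char *dn, const char *password)
{
    return dn && dn[0] != '\0' && password && password[0] != '\0';
}

int main(void)
{
    char f[128];
    /* Constructed login value containing filter metacharacters. */
    if (build_lookup_filter("userPrincipalName", "a*(b)\\c", f, sizeof f) == 0)
        puts(f);
    return 0;
}
```

The resulting filter string is what gets passed to the search call; the search should return exactly one entry before its DN is used for the bind.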