Substitute host, port, suffix, binddn and password in the above-mentioned URL and
try.

Michael Ströder wrote:

> Rich Megginson wrote:
> >
> > [EMAIL PROTECTED] wrote:
> >
> > > We have been doing browser (Netscape 4.7x) lookups with
> > > ldap://<hostname>/<root>??sub?(uid=rp59502) but that directory allows
> > > anonymous access.
> > >
> > > Can I do browser lookups but with binding?  We've turned
> > > off ANONYMOUS access in the new directory.  If so, how and where
> > > is the reference?  I've used the Address Book with binding by
> > > making the mail attribute available anonymously.  Must be doable, no?
> >
> > Have you tried
> > ldap://user:password@hostname/.....
> >
> > That works with http and ftp URLs . . .
>
> Yes, but not with LDAP URLs. RFC2255:
>
> -----------------------------------------------------------------------
>    An LDAP URL begins with the protocol prefix "ldap" and is defined by
>    the following grammar.
>
>        ldapurl    = scheme "://" [hostport] ["/"
>                     [dn ["?" [attributes] ["?" [scope]
>                     ["?" [filter] ["?" extensions]]]]]]
>        scheme     = "ldap"
>        attributes = attrdesc *("," attrdesc)
>        scope      = "base" / "one" / "sub"
>        dn         = distinguishedName from Section 3 of [1]
>        hostport   = hostport from Section 5 of RFC 1738 [5]
>        attrdesc   = AttributeDescription from Section 4.1.5 of [2]
>        filter     = filter from Section 4 of [4]
>        extensions = extension *("," extension)
>        extension  = ["!"] extype ["=" exvalue]
>        extype     = token / xtoken
>        exvalue    = LDAPString from section 4.1.2 of [2]
>        token      = oid from section 4.1 of [3]
>        xtoken     = ("X-" / "x-") token
> -----------------------------------------------------------------------
>
> One possibility would be using the bindname extension in the LDAP
> URL to specify a bind DN (see section 4 of RFC2255). But I'm not
> aware of any implementation and I don't know if it really would make
> sense. (I considered implementing it in my LDAP client and pop-up a
> password dialogue in case the bindname extension is set).
>
> Ciao, Michael.
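
Added example, not part of the original thread or of any client mentioned in it: a small Python parser for the RFC 2255 grammar quoted above. It rejects the user:password@host form and reads the bind DN from the bindname extension, so the password is never carried in the URL. The host and DNs in SAMPLE are constructed, and SUPPORTED_EXTENSIONS describes a hypothetical client.

```python
from urllib.parse import unquote

SUPPORTED_EXTENSIONS = {"bindname"}  # what this hypothetical client implements

# Constructed sample: host and DNs are made up, the filter is the one from the thread.
SAMPLE = ("ldap://ldap.example.com/dc=example,dc=com??sub?(uid=rp59502)"
          "?!bindname=cn=Manager%2cdc=example%2cdc=com")

def parse_ldap_url(url):
    """Parse an RFC 2255 LDAP URL into a dict; raise ValueError if invalid."""
    scheme, sep, rest = url.partition("://")
    if not sep or scheme.lower() != "ldap":
        raise ValueError("not an ldap:// URL")
    hostport, _, tail = rest.partition("/")
    if "@" in hostport:
        # hostport in the grammar has no user:password@ part
        raise ValueError("userinfo is not allowed in an LDAP URL")
    host, _, port = hostport.partition(":")
    if port and not port.isdigit():
        raise ValueError("bad port: " + port)
    # dn ? attributes ? scope ? filter ? extensions (a literal "?" must be %-encoded)
    parts = tail.split("?", 4)
    dn, attrs, scope, filt, exts = parts + [""] * (5 - len(parts))
    scope = scope.lower() or "base"          # RFC 2255 default scope
    if scope not in ("base", "one", "sub"):
        raise ValueError("bad scope: " + scope)
    extensions = {}
    for ext in filter(None, exts.split(",")):
        critical = ext.startswith("!")
        extype, _, exvalue = (ext[1:] if critical else ext).partition("=")
        if critical and extype not in SUPPORTED_EXTENSIONS:
            # a critical extension the client cannot honour: refuse the whole URL
            raise ValueError("unsupported critical extension: " + extype)
        extensions[extype] = (unquote(exvalue), critical)
    return {
        "host": host or None,
        "port": int(port) if port else 389,
        "dn": unquote(dn),
        "attributes": [unquote(a) for a in attrs.split(",") if a],
        "scope": scope,
        "filter": unquote(filt) or "(objectClass=*)",
        "extensions": extensions,
    }

def bind_dn(url):
    """Return (bind DN, critical) from bindname, or None for an anonymous bind."""
    return parse_ldap_url(url)["extensions"].get("bindname")

if __name__ == "__main__":
    print(parse_ldap_url(SAMPLE))
```

A client built on this would prompt for the password when bind_dn() returns a DN, as suggested in the message above.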

