This is an Exchange 5.5 server that happens to be on a Windows 2000 box. I'm attempting to connect to the Exchange 5.5 directory, not Exchange 2000 on AD. The UPN login fails as well. I'm suspecting either some kind of security setting(s) that exist on 2000 that weren't on NT 4, or some kind of connection problem between the exchange server and the AD forest that holds the account trying to connect, does anyone know of any security settings that might deserve attention when going from NT4 to W2K and using Exchange 5.5?
thanks, Tony > > You may want to try binding with the userprincipalname in AD ... which > usually looks like [EMAIL PROTECTED] .... > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Sent: Wednesday, November 05, 2003 12:41 PM > To: [EMAIL PROTECTED] > Subject: Connecting to exchange 5.5 on Windows 2000 server > > > Hi all, > > I have been using Net::LDAP to connect to Exchange 5.5 servers on NT 4.0 > without problems, but have started experiencing problems when the > Exchange servers are upgraded to Windows 2000. The connection code is > > my $ldap = Net::LDAP->new( $serverName, port=>$port); > if (!($ldap)) > { > # couldn't connect to Exchange server, log this event > # and handle gracefully. > LOG("text","ERROR","write_cert (ldap connection)",$zDn,"Unable > to > connect to Exchange server: ".$serverName); > return("FAILED"); > } > > my $mesg = $ldap->bind($exchuser,password => $exchpass, version => 3); > > the exchange user that is being used is in the format > "cn=admin,cn=domain". > When the server is Windows 2000, the bind does not return an error and > the > subsequent search (which asks only for attributes available anonymously) > returns the correct account/attrs, but when an $ldap->modify call is > made, it fails with error 50: > > Return code: 50 Message: LDAP error code 50(0x32)MessageID: 19 > (LDAP_INSUFFICIENT_ACCESS) > > The account being used has admin rights at the site and container > levels. I am certain that the credentials are correct, and the script > continues to work on NT4 servers. Is there another format for the > username that must be used on W2K servers? I'm using Net::LDAP v. 0.26 > (is this the problem maybe?) and the code is compiled into an executable > by the PDK and run on a W2K advanced server machine. > > Any suggestions? > > thanks in advance, > > Tony > > > > This e-mail, including any attachments, is a confidential business > communication, and may contain information that is confidential, proprietary > and/or privileged. This e-mail is intended only for the individual(s) to whom > it is addressed, and may not be saved, copied, printed, disclosed or used by > anyone else. If you are not the(an) intended recipient, please immediately > delete this e-mail from your computer system and notify the sender. Thank you. >
