I have no knowledge of OPENLDAP so that is why I am emailing this list.
I have an vendor that is trying to connect to my active directory (which is windows 2003 native for the forest level and the domain level) via SSL (port 636) using LDAPSEARCH. They want to authenticate users against my active directory. My certificates that I created (microsoft assisted me on this part) One question I have - My certificates contain multiple DNS names (domain name and a simple DNS name - which I want the vendor to use) Does OPENLDAP have a problem with this setup on the certificate?
Question about the command lines they are trying. 1st cmd - ldapsearch -H ldaps://servername -x -D 'CN=name of user' | grep usernameofusertheywanttofind 2nd cmd - ldapsearch -H ldaps://servername -x -s base -D 'cn=name of user'
Any thoughts or opinions on this subject would greatly be appreciated.
Eric Sabo Senior Windows Systems Engineer Department of Computing Systems California University of Pennsylvania