Dear Sellers,

Thank you!

Now I understand referral is processed in client. At the very beginning, I thought it is in server side.
We use hostname in our intranet.

Best regards,
Jacky

On Fri, Apr 25, 2008 at 10:34 PM, Chris G. Sellers <Chris.Sellers@nitle.org> wrote:
Jacky,
Glad you determined the ACL.  Now, you have to pair down the access to be a little more restrictive.  But now that you see it was the ACL, you can focus on that.  Remember order matters.  

As for the referrals, as Aaron mentioned, try a different client.  Apache has a directory client, I've used that and found it very handy.  There is also LDAPBrowser.  Google those and you should see results.  Also, make sure your client can resolve the ldap url and hostname. (I notice you don't have fully qualified names in the list, which may be to protect yourself from attacking but something to check in case you didn't scrub to post on the list)

Sellers



--
John 3:16 For God so loved the world, that He gave His only begotten Son, that whoever believes in Him shall not perish, but have eternal life.
http://www.hkccc.org/flash2.htm