On Tuesday 16 June 2009 09:30:01 J. Bakshi wrote:
Emmanuel Lecharny wrote:
Thanks for the great oneliner tip !!
The API which is doing the search is making the DN as ("uid=rbilly,ou=people,dc=example,dc=com") and to debug it I also executed the command manually based on the same DN. But your kind suggestion has clarified everything. I have created some users and this time I have inserted so that the DN starts with uid and I got success.
Note that most likely your application is broken, assuming that the DN can be constructed from a suffix and a username is not a good idea. The application should search for an entry that has a matching value for the "username" attribute is using, and bind as the resulting DN. This would allow the RDN to differ from the username attribute.
Regards, Buchan