Access OSXserver LDAP with script??

  • #356163
    Anonymous
    Participant

    Background:
    On OSX server 10.2.6
    My CommuniGate Pro Mailserver 4.1 uses the OSX accounts for authentication.
    ——-
    CGP can't use the OSX “password server”-accounts, I have to leave them as “Basic”. With Windows clients, this is less than perfect. I want the password server!

    I try to use the CGP external authentication via a script to the OSX LDAP interface, thus, I can keep the password server running …I guess.

    I use the external script: authLDAPNew.pl
    Downloaded from http://www.stalker.com/CGAUTH/

    It SHOULD connect to a LDAP server for authentication.
    But I can't get it to use the (OSX-)LDAP 🙁
    ——-
    In the terminal, I can search the LDAP with:
    ldapsearch -x -h 213.80.40.200 -b "dc=10,dc=0,dc=0,dc=1" 'uid=01a.karin'

    Which returns:
    (I can't figure out where that 10.0.0.1 came from.. it's nowhere around here):

    # extended LDIF
    #
    # LDAPv3
    # filter: uid=01a.karin
    # requesting: ALL
    #

    # 01a_karin, users, 10.0.0.1
    dn: uid=01a_karin,cn=users,dc=10,dc=0,dc=0,dc=1
    uid: 01a_karin
    uid: 01a.karin
    cn:: S2FyaW4gQmrDtnJr
    gidNumber: 20
    uidNumber: 1027

    ——-

    The account 01a.karin exists within the CGP mailserver, and the external authentication calls the script which connects to the LDAP I guess…but then…

    .. LDAP responds:

    Path Not Local to Datastore

    ——
    It must be the configuration part that's wrong in authLDAPNew.pl:
    Original:
    my $LDAPServerAddress = '127.0.0.1'; # You should redefine these values
    my $LDAPAdminDN = 'uid=admin,cn=host';
    my $LDAPAdminPassword = 'pass';
    my $LDAPSearchBase = 'cn=domain.name';

    my $CGServerAddress = '127.0.0.1'; # You should redefine these values
    my $CLILogin = 'postmaster@domain';
    my $CLIPassword = 'pass';

    My try…
    my $LDAPServerAddress = '213.80.40.200'; # You should redefine these values
    my $LDAPAdminDN = 'uid=admin,cn=users,dc=10,dc=0,dc=0,dc=1';
    my $LDAPAdminPassword = '*****';
    my $LDAPSearchBase = 'cn=users';

    my $CGServerAddress = '213.80.40.210'; # You should redefine these values
    my $CLILogin = 'postmaster@domain';
    my $CLIPassword = '**';

    —–
    The CGP domain is sfg.a.se (costs $500 to change to sfg.se)
    The OSX domain is sfg.se
    —–

    I think it's about the syntax for accessing the LDAP
    ..any hints how to configure this script??

    Joachim
    [email protected]

    #363779
    bschappel
    Participant

    Line 86 of that script reads:

    my $result=$ldap->bind("uid=$name,cn=$domain",password=>$password)

    I found that I had to manually edit the search string. Let’s say my LDAP server has an FQDN of ldap.mydomain.com. I altered line 86 to read like this:

    my $result=$ldap->bind("uid=$name,dc=ldap,dc=mydomain,dc=com",password=>$password)

    and all of a sudden the script started working.

    I hope this helps others.
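
The reply above fixes the bind by hard-coding the DN suffix, and the ldapsearch output in the question shows an entry whose DN uses uid=01a_karin while the login is 01a.karin, so a DN assembled from the login name differs from the entry's DN. The following is an added example, not code from authLDAPNew.pl or from either poster, that looks the DN up first and then binds as it. The sub names, the LDAP_HOST environment variable and the demo values are assumptions.

```perl
#!/usr/bin/perl
# Added example, not part of authLDAPNew.pl: search for the DN, then bind as it.
use strict;
use warnings;
use Net::LDAP;
use Net::LDAP::Util qw(escape_filter_value);

# "ldap.mydomain.com" -> "dc=ldap,dc=mydomain,dc=com" (the suffix form in the reply)
sub fqdn_to_base_dn {
    my ($fqdn) = @_;
    my @labels = split /\./, $fqdn;
    die "invalid host name: $fqdn\n"
        if !@labels || grep { !/^[A-Za-z0-9-]+\z/ } @labels;
    return join ',', map { "dc=$_" } @labels;
}

# Returns the entry's DN when $password is accepted for $login, otherwise nothing.
sub ldap_authenticate {
    my ($ldap, $base, $login, $password) = @_;

    # A simple bind with an empty password is an unauthenticated bind, which
    # many servers report as success, so never pass one through.
    return unless defined $login    && length $login;
    return unless defined $password && length $password;

    # RFC 4515 escaping keeps * ( ) \ in the login from changing the filter.
    my $filter = '(uid=' . escape_filter_value($login) . ')';
    my $search = $ldap->search(base => $base, scope => 'sub', filter => $filter,
                               attrs => ['1.1'], sizelimit => 2);
    return if $search->code;                # search failed or too many matches
    return unless $search->count == 1;      # unknown or ambiguous login

    # Bind with the DN the directory returned, not one assembled from the login.
    my $dn   = $search->entry(0)->dn;
    my $bind = $ldap->bind($dn, password => $password);
    return $bind->code ? undef : $dn;
}

unless (caller) {
    print fqdn_to_base_dn('ldap.mydomain.com'), "\n";   # offline check of the helper
    if (my $host = $ENV{LDAP_HOST}) {                   # hypothetical variable name
        my $ldap = Net::LDAP->new($host, timeout => 10) or die "connect: $@\n";
        chomp(my $password = <STDIN> // '');            # password on stdin, not argv
        my $dn = ldap_authenticate($ldap, 'cn=users,dc=10,dc=0,dc=0,dc=1',
                                   $ARGV[0], $password);
        print defined $dn ? "OK $dn\n" : "FAILED\n";
        $ldap->unbind;
    }
}
```

A simple bind sends the password unencrypted, so run it over ldaps or after `start_tls` where the server supports it.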
