How to configure LDAP integration with Novell eDirectory

Document ID : KB000027385
Last Modified Date : 14/02/2018

Problem:

Within eDirectory, organization units can be created at the next level down from the top of the eDirectory tree, so users can be set up below any of these organization units.

When configuring Service Desk LDAP integration, only one organization unit at a time can be made available as the source of eDirectory users for LDAP Merge etc. This is because only a single unit will work for the ldap_search_base option, o=<eDirectory organization unit>.

Testing the LDAP connection is done by running ldap_test.

- If users are spread across multiple units and ldap_search_base is given multiple entries separated by commas, ldap_test reports the following:

LDAP service type=novell
Service Desk platform=windows
Using search base=O=UNIT1,O=UNIT2,O=UNIT3,O=UNIT4,O=UNIT5
Using filter=(objectClass=person)
ldap_init(192.168.1.140,389): (Success)
ldap_bind_s(CN=admin,O=UNIT1) (Success)
LDAP API Verion 3
ANSI Code Page 1252
ldap_search_st() (No Such Object)

- If no value is specified for ldap_search_base, ldap_test reports the following error:

LDAP service type=novell
Service Desk platform=windows
Using search base=NoVaLue
Using filter=(objectClass=person)
ldap_init(192.168.1.140,389): (Success)
ldap_bind_s(CN=admin,O=UNIT1) (Success)
LDAP API Verion 3
ANSI Code Page 1252
ldap_search_st() (Invalid DN Syntax)

Resolution:

In order for Service Desk LDAP integration to traverse across multiple organization units within eDirectory, and to drill down to the users spread across these units, use the eDirectory TreeName attribute in the ldap_search_base option:

T=<TreeName>
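
The following pre-flight check is an added example, not part of the original article or of Service Desk. It classifies a candidate ldap_search_base value before ldap_test is run, using the standard LDAP rule that commas separate the components of a single DN rather than a list of search bases. The function name, the verdict labels and the tree name EXAMPLE_TREE are assumptions made for illustration.

```python
import re

# One RDN of the form attribute=value. Simplified: no multi-valued ("+") RDNs
# and no escaped commas, which the values on this page do not use.
_RDN = re.compile(r"^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*([^,=+]+?)\s*$")


def check_search_base(value):
    """Return (verdict, detail) for a candidate ldap_search_base value.

    The verdict names are hypothetical labels chosen for this example.
    """
    if not value or not value.strip():
        return ("invalid_dn", "search base is empty")
    rdns = []
    for part in value.split(","):
        match = _RDN.match(part)
        if match is None:
            return ("invalid_dn", f"{part.strip()!r} is not attribute=value")
        rdns.append((match.group(1).upper(), match.group(2)))
    orgs = [val for attr, val in rdns if attr == "O"]
    if len(orgs) > 1:
        # Commas separate the RDNs of ONE DN, so this names a single entry
        # (the first O nested under the others), not a list of bases.
        return ("single_nested_dn",
                f"read as one DN: O={orgs[0]} beneath O={', O='.join(orgs[1:])}")
    if len(rdns) == 1 and rdns[0][0] == "T":
        return ("tree_root", f"search starts at tree {rdns[0][1]}")
    return ("single_base", f"search limited to {value.strip()}")


if __name__ == "__main__":
    samples = [
        "O=UNIT1,O=UNIT2,O=UNIT3,O=UNIT4,O=UNIT5",  # first ldap_test run above
        "NoVaLue",                                   # second ldap_test run above
        "O=UNIT1",
        "T=EXAMPLE_TREE",                            # constructed tree name
    ]
    for sample in samples:
        print(f"{sample:45} -> {check_search_base(sample)}")
```

A "single_nested_dn" verdict corresponds to the (No Such Object) result shown above, and "invalid_dn" to the (Invalid DN Syntax) result.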