Hi,
Scratch this I figured it out.  It turns out the commas in the DN of the authenticating user need to be replaced by %2c, aka the hexadecimal representation for a comma.  I wish that was documented better.
Jim

--
Jim Howell
Cornell University
CIT Infrastructure, Unified Comm.
Msging Group, Lead Email Specialist
email: jwh2@cornell.edu
Phone: 607-255-9369

From: Jim Howell <jwh2@cornell.edu>
Date: Wednesday, July 25, 2012 11:09 AM
To: "perdition-users@vergenet.net" <perdition-users@vergenet.net>
Subject: [PERDITION-USERS] authenticated LDAP issue

Hi,
I'm trying to have Perdition use Active Directory as it's source of information but can't seem to get it to authenticate.  This is Perdition v1.19-rc5 on Redhat Linux

88 %uname -a
Linux alva03 2.6.18-308.1.1.el5 #1 SMP Fri Feb 17 16:51:01 EST 2012 x86_64 x86_64 x86_64 GNU/Linux


Here is my lookup


#define PERDITIONDB_LDAP_DEFAULT_URL \
  "ldap://query.ad.cornell.edu/DC=cornell,DC=edu?cn,extensionAttribute15?sub?(cn=%s)?!bindname=cn=perdition,ou=CITExchangeObjects,D
C=cornell,DC=edu,x-bindpw=SECRET"

It keeps giving me an error with credentials.

Jul 25 10:39:15 alva03 perdition.pop3[21678]: dbserver_get2: jwh binddn cn=perdition bindpw SECRET
Jul 25 10:39:15 alva03 perdition.pop3[21678]: dbserver_get2: err ldap_bind_s: Invalid credentials binddn cn=perdition bindpw SECRET


I have managed to get it working against a different test LDAP server that accepts anonymous binds just fine.  But I really do need to get the authenticated version to work. Any suggestions?

Jim


--
Jim Howell
Cornell University
CIT Infrastructure, Unified Comm.
Msging Group, Lead Email Specialist
Phone: 607-255-9369