Multiple LDAP search domain configuration

how do you set up multiple base dn settings for LDAP calls in LiveCycle es2

Hi Conor,
The below links could be helpful to you :-
Forum thread:
Re: Delegated User Search returns first 200 entries only...?
How-to guide:
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f0747ac2-ffd9-2910-de9a-8a3dc44da8b4
SAP Library:
http://help.sap.com/saphelp_nw04s/helpdata/en/b1/6a55422f4d3830e10000000a155106/frameset.htm
Regards,
Anagha

Similar Messages

  • Multiple LDAPS with same username!

    Hi,
    we have a case where we need to connect to multiple LDAP servers and configure SPNego for Kerberos authentication of portal. we have a problem in case of user names. some user names are same in both LDAPs. LDAPs are portal are positioned as (Landscape convension)
    LDAP1: xxxx.yyyy
    LDAP2: ssss.yyyy
    Portal  : pppp.gggg.yyyy
    where as gggg.yyyy is a trusted domain for both xxxx.yyyy and ssss.yyyy.
    we have login problem in same user case. (same user exist in xxxx.yyyy and ssss.yyyy). I haven't gone into details yet like logs and all troubleshooting stuff. Before doing all this just want to know your views whether I can do this or not. If I can achieve any suggentions how to proceed further?
    Regards
    Ravindra

    Hi,
    Kerberose (Spnego) is possible with multiple ADS data sources. Check SAP Note 1007227 and the below link.
    http://help.sap.com/saphelp_nw70/helpdata/en/45/40a320773a7527e10000000a114a6b/content.htm
    Regards
    Deb

  • Configuring Multiple LDAP Domains

    I am having trouble configuring multiple ldap domains for declarative security and form-based authentication.
    I have setup another instance of Directory Server on my local machine, on a different port. I want to be able to talk to this alternate directory server for form-based authentication and roles.
    I have tried to do this by following the instructions at http://docs.iplanet.com/docs/manuals/ias/60/sp3/admin/adbasica.htm#21662, but I've had no luck. Below are screenshots of my configuration. (I've attached a word document in case you don't have a HTML-enabled mail reader).

    My screenshots were wrong in the e-mail below, but correct in the attached word doc.
    ----- Original Message -----
    From: Matt Raible
    Newsgroups: iplanet.ias.general
    Sent: Wednesday, August 22, 2001 7:05 AM
    Subject: Configuring Multiple LDAP Domains
    I am having trouble configuring multiple ldap domains for declarative security and form-based authentication with iPlanet Application Server 6.0, SP3.
    I have setup another instance of Directory Server on my local machine, on a different port. I want to be able to talk to this alternate directory server for form-based authentication and roles.
    I have tried to do this by following the instructions at http://docs.iplanet.com/docs/manuals/ias/60/sp3/admin/adbasica.htm#21662, but I've had no luck. Below are screenshots of my configuration. (I've attached a word document in case you don't have a HTML-enabled mail reader).

  • How to configura multiple ldap server to the sun access manager

    Hi,
    please help how to configure multiple ldap server to the sun access manager, for example access manager does't find the user in ldap1 then it should search in ldap2.
    Thanks
    Mouli

    There�s no need for deleting the default amSDK based datastore because it�s needed for some default accounts.
    You may try to create the datastore using the commandline (amadmin)
    Have a look /etc/opt/SUNWam/config/xml/idRepoService.xml
    You may also try to create amadmin account in the external ldap directory.
    (Un)fortunately i�ve never tried to remove the default datastore.
    -Bernhard

  • Configuring Multiple LDAP Datasources in VDS

    Hi,
    I'm trying to configure multiple LDAP Datasources using VDS, one talking to AD and other to Novell eDir from VDS, my LDAP connection strings works well but when I start the service in VDS the service will never startup all I see is Exception null, it does not throw any exception at the same time it doesn't start up the service. I've tried configuring with signle Datasource which works fine. This is failing  when I combine those two datasources into one configuration. Have any configured multiple datasources with in VDS. Not sure if you have encountered any problems.
    Thanks,
    Joe.P

    Are you just trying to bring in two LDAP data sources or do a join between them? 
    Actually both I believe are considered types of joins.
    You cannot just define two datasources and expect them to show up.

  • Multiple Filters in a Generic ldap Search.

    Hi all,
    'am involved in developing a generic ldap search utility. I would like to know if there is a provision to give multiple filters while searching the LDAP.
    The scenario is like this,
    like if i give the search criteria as java ldapSearch "empid=111*" I will get a series of results.
    WHAT I WANT:
    Will i be able to specify something like empid=11* and lastname=xxx*.
    Any pointers on this would be of tremendous help.
    Anticipating a reply.
    Regards,
    Sathya Sayee.S

    You can use | as 'or condition'. For example the condition
    sn=foo and (email=[email protected] or email=[email protected])
    (&(sn=foo) (|(email=[email protected]) (email=[email protected]))
    the operator are :
    AND : &
    OR : |
    NOT : !
    the notation works as HP calculator notation
    Simon Pierre NOLIN

  • Configure DNS & Search Domains in TCP/IP Settings via Terminal?

    HI Folks,
    I've been having a long standing battle trying to find out what is wrong with my machine, it's been running like a dog for a while and having recently added 2 new Macs to our network i recall that there was a setting missing - namely within the TCP/IP settings for the Built In Ethernet, the DNS Servers and Search Domains are not configured on my machine, but are on the new ones i've added (mine was my new foray into Macs so i maybe set it up wrong!)
    However the main problem occurs when i try to edit the settings for the above from within System Preferences -> Network, i get a spinning beach ball of doom and have to Force Quit. Yet oddly i can access the setting fine when i am at home and not connected to the AD of the Windows Server Environment... which makes me think the events could be linked.... i thought it may have been Parallels and it's NAT settings, but given that all works perfectly at home i'm not so sure. Hence, as a process of elimination i'd like to try and get the correct settings for Search Domain etc to see if it helps, before i flatten the machine and reinstall Tiger completely!
    The main issues i've been having with the machine can be found here:
    http://discussions.apple.com/thread.jspa?threadID=854009&tstart=0
    Thanks
    Scott
    MBP 2.0Ghz, 2Gb RAM, 100Gb 7200rpm   Mac OS X (10.4.9)   Parallels

    Hi Phil (and others!)
    I opted for the easy choice, which did work... and have added the Search Domain info etc whilst at home... and touch wood today things seem to be working better, i can easily access network preferences etc and have had no hanging apps as yet...
    I did try and use different locations for work and home, but sadly i ended up with a spinning beach ball of doom when i tried to change the location at work, so it was a slightly pointless exercise!!!
    The lookupd -configuration printout is as follows (no idea if it's useful in any way!)
    ConfigSource: default
    LookupOrder: Cache NI DS
    MaxIdleServers: 4
    MaxIdleThreads: 2
    MaxThreads: 64
    TimeToLive: 43200
    Timeout: 30
    ValidateCache: YES
    ValidationLatency: 15
    configname: Global Configuration
    LookupOrder: Cache FF DNS NI DS
    configname: Host Configuration
    LookupOrder: Cache FF NI DS
    configname: Service Configuration
    LookupOrder: Cache FF NI DS
    configname: Protocol Configuration
    LookupOrder: Cache FF NI DS
    configname: Rpc Configuration
    TimeToLive: 60
    ValidateCache: NO
    configname: Group Configuration
    TimeToLive: 300
    ValidateCache: NO
    configname: Initgroup Configuration
    LookupOrder: Cache FF DNS NI DS
    configname: Network Configuration
    Thanks
    Scott
    MBP 2.0Ghz, 2Gb RAM, 100Gb 7200rpm   Mac OS X (10.4.9)   Parallels

  • Configure Search Domains

    At our corporate office, we need to enter specific search domains for each of our mobile devices.  I'd like to avoid having to enter these search domains manually into every device.  I tried to use Profile Manager to make a profile to send out, but the search domains option isn't configurable.  Is there any way to push this to all of the devices without having to input it manually on each device?

    Hi Phil (and others!)
    I opted for the easy choice, which did work... and have added the Search Domain info etc whilst at home... and touch wood today things seem to be working better, i can easily access network preferences etc and have had no hanging apps as yet...
    I did try and use different locations for work and home, but sadly i ended up with a spinning beach ball of doom when i tried to change the location at work, so it was a slightly pointless exercise!!!
    The lookupd -configuration printout is as follows (no idea if it's useful in any way!)
    ConfigSource: default
    LookupOrder: Cache NI DS
    MaxIdleServers: 4
    MaxIdleThreads: 2
    MaxThreads: 64
    TimeToLive: 43200
    Timeout: 30
    ValidateCache: YES
    ValidationLatency: 15
    configname: Global Configuration
    LookupOrder: Cache FF DNS NI DS
    configname: Host Configuration
    LookupOrder: Cache FF NI DS
    configname: Service Configuration
    LookupOrder: Cache FF NI DS
    configname: Protocol Configuration
    LookupOrder: Cache FF NI DS
    configname: Rpc Configuration
    TimeToLive: 60
    ValidateCache: NO
    configname: Group Configuration
    TimeToLive: 300
    ValidateCache: NO
    configname: Initgroup Configuration
    LookupOrder: Cache FF DNS NI DS
    configname: Network Configuration
    Thanks
    Scott
    MBP 2.0Ghz, 2Gb RAM, 100Gb 7200rpm   Mac OS X (10.4.9)   Parallels

  • Multiple domain configurations

    Hi,
    We have about 140 interfaces to be run in 11g Fusion environment(s) handling moderate volume of data and another set of interfaces which will run high volume (several millions per hours) data. I am wondering what kind of domain configurations will be best. Right now we have a two node cluster running a single weblogic domain which has about 70 interfaces(moderate volume), the managed servers are SOA server, BAM server and WSM server.
    I am thinking about two other domains which will have the same set of managed servers, one for the second set of 70 interfaces (moderate volume) and another one for the high volume transactions. The domains will be on a single installation of SOA suite. Can you please let me know from your experience what are other choices I have which will be better than this configuration. For example a totally separate installation in a different machines(or the same machines). Same domain, but adding more memory/database resources. etc.
    Thanks.

    Hi Venura,
    You can do this in Project Properties. On the Profiles page, click New... to create a new profile. You can change many of the runtime settings associated with the project for each individual profile.
    Thanks,
    Brian
    JDev Team

  • Multiple LDAPs with SSO Kerberos

    Hello,
    Right now I'm using SAP EP 7.0 EHP1 with one LDAP and everything is working fine. However, I have to integrate two new enterprises to the same SAP EP with different domains and differents LDAP's. I see some information about how to integrate the LDAP's but I want to know what is going to happend with the SSO configuration. How can I enable the same SSO functionality to the new enterprises with multiple LDAP's?
    Please, any ideas? Maybe someone have information about this topic

    Hi,
    Kerberose (Spnego) is possible with multiple ADS data sources. Check SAP Note 1007227 and the below link.
    http://help.sap.com/saphelp_nw70/helpdata/en/45/40a320773a7527e10000000a114a6b/content.htm
    Regards
    Deb

  • Multiple DNS Search Suffixes

    Does anyone know whether it is possible to set more than one DNS search domain for a dial in VPN user?
    We currently have a group policy setting below and would like to add domain-b.co.uk to the list of search domains
    group-policy RemoteUsers attributes
    wins-server value x.x.x.x y.y.y.y
    dns-server value a.a.a.a b.b.b.b
    vpn-idle-timeout 30
    vpn-session-timeout 300
    vpn-filter value vpn-filter
    vpn-tunnel-protocol IPSec
    split-tunnel-policy tunnelspecified
    split-tunnel-network-list value RemoteUsers_splitTunnelAcl
    default-domain value domain-a.co.uk

    Hi,
    According to your description, my understanding is that tool SIEM prompts multiple DNS error NO SUCH NAME for Local IP.
    I am wondering which SIEM tool have you used. If it is a 3rd-party tool, I recommend you to contact the vendor/supporter for detailed information about this error.
    I am not sure about the environment you have configured and which version of OS used. In general, for windows system, we may use built-in tool, such as event viewer, performance monitor to collect detailed information about error or warning. Besides, monitor
    tool such as Network Monitor(http://www.microsoft.com/en-us/download/details.aspx?id=4865) is also helpful to capture packets for further troubleshooting.
    Best Regards,
    Eve Wang
    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Multiple LDAP Providers?

    Is it possible to have multiple LDAP providers configured within one UCM instance?
    Users from A.DOMAIN.COM and users from B.DOMAIN.COM can authenticate with and share one UCM? This is of course not taking into consideration how security would be set up behind the scenes.. this is more of a 'what if...' question. We would want the users authenticating against their domain accounts in their respective domains.
    If it makes any difference, A & B are Active Directory domains in a two-way trusted relationship that belong to the common DOMAIN.COM forest.
    Thanks

    Hey Peter,
    This use case can be handled. If you notice in the documentation for security
    [Seen Here|http://download.oracle.com/docs/cd/E10316_01/cs/cs_doc_10/admin/users_security/wwhelp/wwhimpl/common/html/wwhelp.htm?context=managing_security_10&file=page_7_17.htm]
    You can set up additional LDAP providers. In this documentation, they are referencing fail-over, however, this will work for your case, with various users are in LDAP B vs LDAP A.
    Keep in mind that you need to set the provider priority to be different than your first provider, such as priority 1, then priority 2 and that all users will hit the first provider first if they have never logged in, however, their last success log in with X provider will be saved so all subsequent requests will go to the proper ldap provider.
    -AJ LaVenture
    Software Consultant
    www.fishbowlsolutions.com

  • Cisco ACS 5.2 authentication against multiple LDAP servers

    Hi Folks,
    I have a wireless network that uses ACS 5.2 to handle authentication.   The ACS is integrated with an Active Directory LDAP server (my_ldap) and is working correctly at the moment.    The authentication flow looks like this:
     - User tries to associate to WLAN
     - Authentication request is sent to ACS
     - Service selection rule chooses an access-policy (wireless_access_policy)
     - wireless_access_policy is configured to use my_ldap as identity source.
    A sister company is about to move into our offices, and will need access to the same WLAN.    Users in the sister company are members of a separate AD domain (sister_company_ldap).    I would like to modify the wireless_access_policy so that when it receives an authentication request it will query both my_ldap and sister_company_ldap, and return a passed authentication if either attempt is successful.     Is this possible?

    Assuming you're already authenticating using your AD binding and AD1 as your identity source, you can add a further LDAP server as another identity source and add this to your identity store sequence in your access policy to authenticate against both.
    You can also add multiple LDAP servers and add them both to the identity store sequence (if you're not using AD1).

  • Open Directory, third party LDAP search path problem on Snow Leopard

    Happy new year folks,
    I ran into an interesting problem this past week in regards to a third party LDAP directory in the Search path (which used to work on previous versions). The issue brings the server to its knees eventually. I'm still digging through the logs, but here's the general breakdown...
    1. Add third-party LDAP to the OD node list. This has always worked on previous versions, and appears to still work at the most basic level. I can navigate the node with DSCL, read records, etc.
    1. Add third-party LDAP to the OD search path.
    2. Wait a few minutes....
    3. The server begins to slow down. Apache, SSH, ServerAdmin service stop responding. I'm able to run "top" briefly, which shows an increase of threads.
    4. Restart the server and quickly remove the directory from the OD search path
    5. Server goes back to being rock solid with very nice response times for Apache, SSH, ServerAdmin, etc.
    If anyone has any debugging suggestions, or has seen this before, let me know.
    Jaime
    --- Below is some console output leading up to the chaos. Before adding to search path, everything looks good --------------------
    bash-3.2# dscl
    Entering interactive mode... (type "help" for commands)
    read /LDAPv3/ldap.itd.umich.edu/Users/jaimelm cn
    dsAttrTypeNative:cn:
    Jaime Magiera
    Jaime L Magiera 1
    Jaime L Magiera
    --- Add to Search Path, which hangs ------------------------------------------------------------------------------
    bash-3.2# dscl /Search -append / CSPSearchPath /LDAPv3/ldap.itd.umich.edu
    --- DSCL in debug mode contains the following ----------------------------------------------
    2010-01-01 19:26:25 EST - T[0x00000001037A5000] - Client: ipfw, PID: 1097, API: libinfo, Server Used : libinfomig DAR : Procedure = getprotobynumber (13) : Result code = 0
    2010-01-01 19:26:25 EST - T[0x00000001037A5000] - Client: sso_util, PID: 1103, API: dsFindDirNodes(), Server Used : DAR : 1 : Dir Ref = 16779669 : Requested nodename = /Search
    2010-01-01 19:26:25 EST - T[0x00000001037A5000] - Plug-in call "dsDoPlugInCustomCall()" failed with error = -14292.
    2010-01-01 19:26:25 EST - T[0x00000001037A5000] - Port: 27151 Call: dsDoPlugInCustomCall() == -14292
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsFindDirNodes(), Server Used : DAR : 1 : Dir Ref = 16779
    707 : Requested nodename = /LDAPv3/ldap.itd.umich.edu
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsFindDirNodes(), Server Used : DAR : 2 : Dir Ref = 16779707 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsVerifyDirRefNum(), Server Used : DAC : Dir Ref 167797072010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsVerifyDirRefNum(), Server Used : DAR : Dir Ref 16779707
    : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsFindDirNodes(), Server Used : DAC : Dir Ref 16779707 :
    Data buffer size = 1282010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsFindDirNodes(), Server Used : DAR : 1 : Dir Ref = 16779
    707 : Requested nodename = ConfigNode2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsFindDirNodes(), Server Used : DAR : 2 : Dir Ref = 16779
    707 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: Requesting dsOpenDirNode with PID = 1114, UID = 0, and EUID = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsOpenDirNode(), Configure Used : DAC : Dir Ref = 16779707 : Node Name = /Configure
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsOpenDirNode(), Configure Used : DAR : Dir Ref = 1677970
    7 : Node Ref = 33556926 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsVerifyDirRefNum(), Server Used : DAC : Dir Ref 16779707
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsVerifyDirRefNum(), Server Used : DAR : Dir Ref 16779707 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsGetDirNodeInfo(), Configure Used : DAC : Node Ref = 33556926 : Requested Attrs = dsAttrTypeStandard:OperatingSystemVersion : Attr Type Only Flag = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsGetDirNodeInfo(), Configure Used : DAR : Node Ref = 33556926 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsGetDirNodeInfo(), Search Used : DAC : Node Ref = 33556924 : Requested Attrs = dsAttrTypeStandard:LSPSearchPath : Attr Type Only Flag = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsGetDirNodeInfo(), Search Used : DAR : Node Ref = 33556924 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Client: dscl, PID: 1114, API: dsDoPlugInCustomCall(), Search Used : DAC : Node Ref = 33556924 : Request Code = 444
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Checking for Search Node XML config file:
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - /Library/Preferences/DirectoryService/SearchNodeConfig.plist
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Have written the Search Node XML config file:
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - /Library/Preferences/DirectoryService/SearchNodeConfigBackup.plist
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - Setting search policy to Custom search
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - CSearchPlugin::SwitchSearchPolicy: switch - reachability of node </LDAPv3/127.0.0.1> retained as <true>
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - CSearchPlugin::CheckNodes: checking network node reachability on search policy 0x0000000000002201
    2010-01-01 19:26:36 EST - T[0x00000001037A5000] - CCachePlugin::EmptyCacheEntryType - Request to empty all types - Flushing the cache
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Client: Requesting dsOpenDirNode with PID = 0, UID = 0, and EUID = 0
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Internal Dispatch, API: dsOpenDirNode(), LDAPv3 Used : DAC : Dir Ref = 16777216 : Node Name = /LDAPv3/127.0.0.1
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Internal Dispatch, API: dsOpenDirNode(), LDAPv3 Used : DAR : Dir Ref = 16777216 : Node Ref = 33556929 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - CSearchPlugin::CheckNodes: calling dsOpenDirNode succeeded on node </LDAPv3/127.0.0.1>
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Internal Dispatch, API: dsCloseDirNode(), LDAPv3 Used : DAC : Node Ref = 33556929
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Internal Dispatch, API: dsCloseDirNode(), LDAPv3 Used : DAR : Node Ref = 33556929 : Result code = 0
    2010-01-01 19:26:36 EST - T[0x0000000103181000] - mbr_mig - dsFlushMembershipCache - force cache flush (internally initiated)
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Client: Requesting dsOpenDirNode with PID = 0, UID = 0, and EUID = 0
    2010-01-01 19:26:36 EST - T[0x0000000103181000] - Membership - dsNodeStateChangeOccurred - flagging all entries as expired
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - Internal Dispatch, API: dsOpenDirNode(), LDAPv3 Used : DAC : Dir Ref = 16777216 : Node Name = /LDAPv3/ldap.itd.umich.edu
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - CLDAPNodeConfig::InternalEstablishConnection - Node ldap.itd.umich.edu - Connection requested for read
    2010-01-01 19:26:36 EST - T[0x000000010070A000] - CLDAPNodeConfig::FindSuitableReplica - Node ldap.itd.umich.edu - Attempting Replica connect to 141.211.93.133 for read
    2010-01-01 19:26:36 EST - T[0x0000000102481000] - CCachePlugin::SearchPolicyChange - search policy change notification, looking for NIS
    2010-01-01 19:26:36 EST - T[0x0000000102481000] - Internal Dispatch, API: dsGetDirNodeInfo(), Search Used : DAC : Node Ref = 33554436 : Requested Attrs = dsAttrTypeStandard:SearchPath : Attr Type Only Flag = 0
    ------- From another screen, I do "id jaimelm", which hangs ------------------------------------------------------------------------
    : Requested Rec Names = jaimelm : Rec Name Pattern Match:8449 = eDSiExact : Requested Rec Types = dsRecTypeStandard:Users
    2010-01-01 19:36:55 EST - T[0x00000001082A2000] - Internal Dispatch, API: dsGetRecordList(), Search Used : DAC : 2 : Node Ref = 33554436 : Requested Attrs = dsAttrTypeStandard:AppleMetaNodeLocation;dsAttrTypeStandard:RecordName;dsAttrTy peStandard:Password;dsAttrTypeStandard:UniqueID;dsAttrTypeStandard:GeneratedUID; dsAttrTypeStandard:PrimaryGroupID;dsAttrTypeStandard:NFSHomeDirectory;dsAttrType Standard:UserShell;dsAttrTypeStandard:RealName;dsAttrTypeStandard:Keywords : Attr Type Only Flag = 0 : Record Count Limit = 1 : Continue Data = 0
    2010-01-01 19:37:03 EST - T[0x0000000108325000] - Client: httpd, PID: 157, API: mbr_syscall, Server Used : process kauth result 0x0000000102022B30
    2010-01-01 19:37:03 EST - T[0x00000001083A8000] - Client: httpd, PID: 151, API: mbr_syscall, Server Used : process kauth result 0x0000000102022C50
    2010-01-01 19:37:05 EST - T[0x000000010842B000] - Client: httpd, PID: 203, API: mbr_syscall, Server Used : process kauth result 0x0000000102022D70
    2010-01-01 19:37:15 EST - T[0x00000001084AE000] - Client: httpd, PID: 994, API: mbr_syscall, Server Used : process kauth result 0x0000000102023890
    2010-01-01 19:37:26 EST - T[0x0000000108531000] - Client: httpd, PID: 198, API: mbr_syscall, Server Used : process kauth result 0x0000000102023980
    2010-01-01 19:37:31 EST - T[0x00000001085B4000] - Client: httpd, PID: 161, API: mbr_syscall, Server Used : process kauth result 0x0000000~

    Hi
    I'm in agreement with harry here but what I'm struggling to understand is why you are seeing this as a problem? I'm also struggling to see this as being a possibility in a single server environment if I understand your post correctly?
    Promotion to OD Master with all that entails absolutely rests on a properly configured and tested internal DNS Service. The Kerberos Realm's foundation (and with that the ability of the server to perform its function as KDC and offer LDAP services) entirely depends on what is configured in the DNS Service. This will include the server name, domain name and tld. The Kerberos Realm automatically configures itself using that information. Likewise the searchbase.
    Its more than possible to change the Realm name and with it the LDAP search base (in certain circumstances) and have an OD Master, however Kerberos won't start it won't need to as the KDC will be elsewhere. You generally see this when augmenting Windows AD with MCX. In that situation Realm name and search base will reflect what is set on the Active Directory. Client computers will use what is set there for contact and authentication information before looking at the OD Master for anything else.
    Does this help? Tony

  • Cant Edit Ldap Search Base in Open Directory

    Greetings ,
    My ldap search base wrong in my open directory . I have tried converting the server to standalone and back to a directory master and it still retains the old search base. How do i get rid of this, as it is causing problems.
    Thanks In Advance

    Any resolution to this? I am trying to configure OD and it's NOT using our FQDN for the server as the search base... instead of server.domain.NET it is putting in server.domain.COM - pretty sure that will cause problems.
    I ran host <ip address> and checked our DNS settings on the server and everything is configured as .NET - cannot find this .COM anywhere. Am NOT in a position to do an uninstall and re-install as many folks have seemed to have done.
    Mike

Maybe you are looking for

  • Can you move events and projects to disk images in iMovie 11?

    iMovie 08 allowed you to move events to disk images and keep them there. In other words iMovie 08 saw disk images the same as a hard disk. iMovie 09 lost this and could not recognize disk images. Can an iMovie 11 owner tell me if this functionality h

  • Pages - Tables (and Charts) - how to make a list

    Hello everyone! Question. How do I name the tables? Underneath the table. E.g. Table 1 - Statistical Data. And then have pages keep track of all tables in a document, in a separate list at the beginning of a document (with perhaps an ability of track

  • Applet communicate Servlet Problem

    Hi all, I wrote an application which is Applet communicates to Servlet with HttpURLConnection)url.openConnection() method, but sometime I get SocketException because "No processor available" on the server, this happens when two user do the same thing

  • Sqlcxt function results in SIGBUS error durring runtime

    I am running a daemon compiled with gcc and proc compiler.It gets a SIGBUS error after we upgraded from 8.1.5 to 8.1.7.I was able to find that the failure occuered on sqlcxt call. The end result is a SIGBUS ERROR 10 and a core. --- core interpreted b

  • TS1441 ipod doesn't show up in itunes or even in my disc utility..

    So I have an Ipod classic 160gb and the "Use itunes to Resore" picture showed up on my screen.  When i plugged it into my laptop the device didn't show up in my itunes or even on my laptop.  The ipod's screen is frozen and reads "do not disconnect".