Can't get LDAP to work

Posted: 02-19-2004, 04:07 PM
I'm using the latest version of Office and running 10.2.8. I've
successfully connected and have been using Entourage with our Exchange 2000
server since the Office 10.1.4 update came out last year. I can send and
receive mail, all my contacts and calendar events are synchronized--I can
even get the "free/busy" scheduling info to appear.

What I can't figure out is LDAP. I cannot get Directory Services to work.

We have tried everything, and I've read every related article I can find.
Yes, I've tried everything suggested by http://www.entourage.mvps.org. Many
times. I've played with every LDAPv2 and LDAPv3 setting on my iMac. I've
found the Microsoft support bulletin ("Microsoft Knowledge Base Article -
824887") that describes the error I get ("-3260: LDAP Server error, a
connection failure has occurred"). I've checked with our system
administrator here, and everything that we can think of appears to be
running OK on the Exchange 2000 server.

We've tried different port settings, authentication settings... You name it.
I've scoured every newsgroup I could think of through Google Groups. I've
tried every suggestion I found--but nothing works.

What are we overlooking? Does anyone have suggestions? Is there a switch on
the Exchange server that you've found that's not obvious---that needs to be
enabled for LDAP to work? Again, remember that everything else about the
Entourage / Exchange connection is working fine for me, INCLUDING
"free/busy" scheduling information.

Any help greatly appreciated.

Thanks,
Rick


Can't get LDAP to work


Reply With Quote

Responses to "Can't get LDAP to work"

Adam Bailey
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-19-2004, 05:39 PM
Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
> What I can't figure out is LDAP. I cannot get Directory Services to work.
>
> We have tried everything, and I've read every related article I can find.
> Yes, I've tried everything suggested by http://www.entourage.mvps.org. Many
> times. I've played with every LDAPv2 and LDAPv3 setting on my iMac. I've
> found the Microsoft support bulletin ("Microsoft Knowledge Base Article -
> 824887") that describes the error I get ("-3260: LDAP Server error, a
> connection failure has occurred").
What happens if you add your Exchange server as a separate LDAP server?

Does your LDAP server require authentication? There's an AppleScript that
stops Entourage from authenticating with an LDAP server that doesn't require
it.

--
Adam Bailey | Chicago, Illinois
adamb@lull.org | Finger/Web for PGP & S/MIME
adamkb@aol.com | http://www.lull.org/adam/
Reply With Quote
Rick Copeland
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-19-2004, 06:32 PM
Tried both already. But just to be sure, I tried them both again. Same
result, same error message.

Rick


On 2/19/04 12:39, in article slrnc39t76.rt6.adamb@typhoon.xnet.com, "Adam
Bailey" <adamb@lull.org> wrote:
> Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
>> What I can't figure out is LDAP. I cannot get Directory Services to work.
>>
>> We have tried everything, and I've read every related article I can find.
>> Yes, I've tried everything suggested by http://www.entourage.mvps.org. Many
>> times. I've played with every LDAPv2 and LDAPv3 setting on my iMac. I've
>> found the Microsoft support bulletin ("Microsoft Knowledge Base Article -
>> 824887") that describes the error I get ("-3260: LDAP Server error, a
>> connection failure has occurred").
>
> What happens if you add your Exchange server as a separate LDAP server?
>
> Does your LDAP server require authentication? There's an AppleScript that
> stops Entourage from authenticating with an LDAP server that doesn't require
> it.

Reply With Quote
Adam Bailey
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-19-2004, 06:47 PM
Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
> Tried both already. But just to be sure, I tried them both again. Same
> result, same error message.
Does Apple's Address Book application work with the server?

--
Adam Bailey | Chicago, Illinois
adamb@lull.org | Finger/Web for PGP & S/MIME
adamkb@aol.com | http://www.lull.org/adam/
Reply With Quote
Rick Copeland
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-19-2004, 07:17 PM
That's one thing I forgot to mention in my original post. No, the Address
Book doesn't work, either. Never has.

Rick


On 2/19/04 13:47, in article slrnc3a16b.7md.adamb@typhoon.xnet.com, "Adam
Bailey" <adamb@lull.org> wrote:
> Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
>> Tried both already. But just to be sure, I tried them both again. Same
>> result, same error message.
>
> Does Apple's Address Book application work with the server?

Reply With Quote
Corentin Cras-Méneur [MVP]
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-19-2004, 10:05 PM
Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
> That's one thing I forgot to mention in my original post. No, the Address
> Book doesn't work, either. Never has.
I had a similar problem up until I decided to dig in the system settings
through the Directory Access application.
I configured the WINS settings (through the SMB settings), enabled
Active Directory as well as the LDAP settings in there (including the
authentication) and since then I have access to the LDAP server (you
need to reboot).

Did you do that ??


Corentin



--
--- Mac:MS MVP (Francophone) ---
(MS) MVP: http://mvp.support.microsoft.com/
MVPs.org: http://www.mvps.org/
Retirez NoSpam de mon adresse pour m'écrire/Remove NoSpam to e-mail me
Reply With Quote
Rick Copeland
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-20-2004, 02:11 PM
Corentin,

Well, I've certainly played around in Directory Access enough... But what
you've suggested hasn't worked, either. Same error. Also, there are many,
many settings in Directory Access. Can you be more specific about what
you've used? I know my network is obviously going to be different than
yours, but if I know the details of your settings, perhaps I can alter mine
accordingly.

For example, under the SMB settings, do you have a workgroup specified? Are
you using LDAPv2 or LDAPv3 (or both)? Under LDAPv3, are you using a
DHCP-supplied LDAP server? Is your "LDAP Mapping" set to "Active
Directory"? What Search Base Suffix do you use (if any)? Have you made any
modifications to "Search and Mappings"? And so on...

Feel free to e-mail me directly if you feel that we should take this
discussion off-line for a while. I'm not trying to exclude the newsgroup (I
will post the final answer) but I don't want to bore everyone with the
details, either.

Thanks in advance. I really appreciate your help. This has been driving me
crazy for months!

Rick



On 2/19/04 17:05, in article
1g9euxe.1hsv9p41gl95e2N%korventeen@NoSpam.mvps.org , "Corentin Cras-Méneur
[MVP]" <korventeen@NoSpam.mvps.org> wrote:
> Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
>
>> That's one thing I forgot to mention in my original post. No, the Address
>> Book doesn't work, either. Never has.
>
> I had a similar problem up until I decided to dig in the system settings
> through the Directory Access application.
> I configured the WINS settings (through the SMB settings), enabled
> Active Directory as well as the LDAP settings in there (including the
> authentication) and since then I have access to the LDAP server (you
> need to reboot).
>
> Did you do that ??
>
>
> Corentin
>
>

Reply With Quote
Corentin Cras-Méneur [MVP]
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-20-2004, 04:27 PM
Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
> Corentin,
>
> Well, I've certainly played around in Directory Access enough... But what
> you've suggested hasn't worked, either. Same error. Also, there are many,
:-<
> many settings in Directory Access. Can you be more specific about what
> you've used? I know my network is obviously going to be different than
> yours, but if I know the details of your settings, perhaps I can alter mine
> accordingly.
I enabled
- Active directory (no specific setting)

- LDAPv3 (add a configuration with port and authentication info and
mapped through Active Directory - use "Modify" for the details)

- SMB (with the proper group and WINS host).
> For example, under the SMB settings, do you have a workgroup specified? Are
Yes.
> you using LDAPv2 or LDAPv3 (or both)? Under LDAPv3, are you using a
> DHCP-supplied LDAP server? Is your "LDAP Mapping" set to "Active
> Directory"? What Search Base Suffix do you use (if any)? Have you made any
> modifications to "Search and Mappings"? And so on...
I'm using v3, LDAP through Active directory (no path specified), not
through DHCP, I added the address and port of the server manually, as
well as my login and password which are required here to access the
server.
> Feel free to e-mail me directly if you feel that we should take this
> discussion off-line for a while. I'm not trying to exclude the newsgroup (I
> will post the final answer) but I don't want to bore everyone with the
> details, either.
Well, these details might be interesting/helpful for other people with
similar problems. It's not the first time the problem rizes and probably
not the last time either. It took me a very long time to get this to
work here. These settings are not so obvious and even on our Network, I
couldn't find a net-admin with all the information I needed to set that
up properly.
> Thanks in advance. I really appreciate your help. This has been driving me
> crazy for months!

Yeah, I know the feeling :-\


Corentin



--
--- Mac:MS MVP (Francophone) ---
(MS) MVP: http://mvp.support.microsoft.com/
MVPs.org: http://www.mvps.org/
Retirez NoSpam de mon adresse pour m'écrire/Remove NoSpam to e-mail me
Reply With Quote
Rick Copeland
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-20-2004, 09:03 PM
Corentin,

Sigh... Still not working. I have followed everything you suggested. I
rebooted. Still no LDAP connectivity from Entourage or Address Book.

I'm struggling to even ask the right questions, since I'm not sure what's
really "broken"... But two things come to mind:

(1) You mentioned "LDAPv3 (add a configuration with port and authentication
info and mapped through Active Directory - use "Modify" for the details)"...
I didn't see a "Modify" option; plus, what details, specifically?

(2) Would your net-admin be able to tell me what are the specific settings
that were enabled on the Exchange Server?

And finally, I know this is a lot to ask, but is there any way you can send
me screen shots of your settings in Directory Access?? That would provide
me with all the details (without you having to type them) and would ensure
that I'm doing things exactly as you describe them... If this is too much
trouble, I understand.

Thanks in advance,
Rick


On 2/20/04 11:27, in article
1g9g9za.7buje912nqjt6N%korventeen@NoSpam.mvps.org, "Corentin Cras-Méneur
[MVP]" <korventeen@NoSpam.mvps.org> wrote:
> Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
>
>> Corentin,
>>
>> Well, I've certainly played around in Directory Access enough... But what
>> you've suggested hasn't worked, either. Same error. Also, there are many,
>
> :-<
>
>> many settings in Directory Access. Can you be more specific about what
>> you've used? I know my network is obviously going to be different than
>> yours, but if I know the details of your settings, perhaps I can alter mine
>> accordingly.
>
> I enabled
> - Active directory (no specific setting)
>
> - LDAPv3 (add a configuration with port and authentication info and
> mapped through Active Directory - use "Modify" for the details)
>
> - SMB (with the proper group and WINS host).
>
>> For example, under the SMB settings, do you have a workgroup specified? Are
>
> Yes.
>
>> you using LDAPv2 or LDAPv3 (or both)? Under LDAPv3, are you using a
>> DHCP-supplied LDAP server? Is your "LDAP Mapping" set to "Active
>> Directory"? What Search Base Suffix do you use (if any)? Have you made any
>> modifications to "Search and Mappings"? And so on...
>
> I'm using v3, LDAP through Active directory (no path specified), not
> through DHCP, I added the address and port of the server manually, as
> well as my login and password which are required here to access the
> server.
>
>> Feel free to e-mail me directly if you feel that we should take this
>> discussion off-line for a while. I'm not trying to exclude the newsgroup (I
>> will post the final answer) but I don't want to bore everyone with the
>> details, either.
>
> Well, these details might be interesting/helpful for other people with
> similar problems. It's not the first time the problem rizes and probably
> not the last time either. It took me a very long time to get this to
> work here. These settings are not so obvious and even on our Network, I
> couldn't find a net-admin with all the information I needed to set that
> up properly.
>
>> Thanks in advance. I really appreciate your help. This has been driving me
>> crazy for months!
>
>
> Yeah, I know the feeling :-\
>
>
> Corentin
>
>

Reply With Quote
Corentin Cras-Méneur [MVP]
Guest
Posts: n/a
 
Re: Can't get LDAP to work
Posted: 02-20-2004, 10:22 PM
Rick Copeland <rcopeland@asdflkjh.munis.com> wrote:
> Corentin,
Hi Rick,
> Sigh... Still not working. I have followed everything you suggested. I
> rebooted. Still no LDAP connectivity from Entourage or Address Book.
>
> I'm struggling to even ask the right questions, since I'm not sure what's
> really "broken"... But two things come to mind:
>
> (1) You mentioned "LDAPv3 (add a configuration with port and authentication
> info and mapped through Active Directory - use "Modify" for the details)"...
> I didn't see a "Modify" option; plus, what details, specifically?
Sorry, it's Edit (my version says modify in French, I just checked back
in English).
You only have this option once you have created an entry for an LDAP
server in LDAPv3.

> (2) Would your net-admin be able to tell me what are the specific settings
> that were enabled on the Exchange Server?

Our net-admin refused to tell me... I had to figure it out most of the
settings myself. I stole some ideas from the PCs we have around here and
gathered some more from Outlook 2001. It was all very empirical :-\
> And finally, I know this is a lot to ask, but is there any way you can send
> me screen shots of your settings in Directory Access?? That would provide
> me with all the details (without you having to type them) and would ensure
> that I'm doing things exactly as you describe them... If this is too much
> trouble, I understand.

I'll do that, but I'll have to blur some fields.

Corentin
r


--
--- Mac:MS MVP (Francophone) ---
(MS) MVP: http://mvp.support.microsoft.com/
MVPs.org: http://www.mvps.org/
Retirez NoSpam de mon adresse pour m'écrire/Remove NoSpam to e-mail me
Reply With Quote
 
LinkBack Thread Tools Display Modes
Reply


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are Off
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On
Forum Jump


Similar Threads
Thread Thread Starter Forum Replies Last Post
LDAP Neal Mac Office 9 02-08-2005 07:48 PM
LDAP Directory Leasider Customize Windows XP 3 02-13-2004 04:00 AM
LDAP server Vicente Valjalo Mac Office 0 02-05-2004 08:16 PM
LDAP Emanuel Linux / Unix 0 09-05-2003 03:25 PM
LDAP server works ok from non-exchange account but DOESN't work with Exchange account. @ 10.1.4 wt Mac Office 0 08-09-2003 02:43 AM