Rob,

When I enter the WRKDOMSVR command and take a 9 next to the server name, I
do see that LDAP job running in the Domino subsystem.

When I enter the 8 option and then SHOW TASKS, I do see LDAP SERVER, but
it says CONTROL TASK, not Listen for....

If this means LDAP is being served, is there a way to verify email
addresses?

Thank you again,

Doug





From: "Rob Berendt" <rob@xxxxxxxxx>
To: "Lotus Domino on the IBM i (AS/400 and iSeries)"
<domino400@xxxxxxxxxxxxxxxxxx>
Date: 02/04/2021 08:27 AM
Subject: RE: Email address verification
Sent by: "Domino400" <domino400-bounces@xxxxxxxxxxxxxxxxxx>



Yes. The file in the IFS is names.nsf. However, that may be a bit hard
for you to analyze. Your Domino server is not currently set up to export
the names.nsf on a periodic basis so, since your Domino team is opposed to
any change, I don't see that happening any time soon. Now, if you want to
manually go into File, Export Contacts and mess around with that you can.

Funny thing is, your Domino server is probably already set up to serve
ldap and they don't even know it. It's a default on your primary NAB
server.
WRKDOMSVR
9=Work server jobs
LDAP QNOTES BCI .0 PGM-LDAP
8=Work console
SHOW TASKS
LDAP Server Listen for connect requests on TCP Port:389
Is it using ldap over SSL or not? If the above says Port:389 it is not
using ssl. 636 is the port for SSL.

Or WRKJOB LDAP
NETSTAT OPTION(*CNN)
F15=Subset
Local port range:
Lower value . . . . . . . . 389
8=Display jobs

QSH
Ldapsearch -h notes01.corp.dekko.com -s base "cn=*guebard*"
ldap_simple_bind: Inappropriate authentication --- Failed, anonymous
bind not allowed
$
Ldapsearch -h notes01.corp.dekko.com -s base -D "cn=Rob Berendt,O=DEKKO"
-w PlacePasswordHere "cn=*guebard*"

The -D is used to say the next parameter is the user to bind to the DNS
with. The -w is the password.

https://help.hcltechsw.com/domino/11.0.0/admin/conf_customizingtheldapserviceconfiguration_c.html


Here, we serve up ldap from Domino for use by our printer/scanners to send
scanned documents to. And a bunch of other stuff. How does your printer
scanners do their ldap search? Can you use ldapsearch on that? You may
have to add parameters for a binding name and password. Any google search
for ldapsearch will show you how to do that. I showed an example above.
Windows Active Directory often has email addresses stored in that also.
You could ldapsearch that. Then next year when you migrate to Azure for
active directory you can rewrite it.

Boy am I looking forward to my day off on Monday...

Rob Berendt

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2022 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.