|
Thanks Scott!
The connection issue at this time is that the LDAP API's, and the ldapsearch command issued within Qshell, do not work with the proper LDAP server name ("company.com").
Since the ldapsearch command calls teh LDAP APIs, it'd make sense that
they'd have the same problems :) Yes, in fact at one point I got a message back in the shell that read "LDAP_SIMPLE_BIND: Can't connect to LDAP server", or something like that.
The LDAP directory is spread over several Windows boxes, but access to the "composite" directory is through the server name "company.com". I've apparently gotten a good connection to just ONE of those Windows boxes at a time, using the network name of the box.
I've had no exposure to that type of setup -- I've always had all of my
LDAP on one server. I suspect that this doesn't matter, the data should be somehow replicated to that central server, so you shouldn't have to do anything special, right? I'm not so sure that all the data is replicated, but anyway, you're supposed to use just the one DNS name (or LDAP name anyway, this particular service is new for me). I don't think there are too many with this situation, trying to just use the LDAP client API's on the i5 to connect to an external LDAP server. Almost everything I see seems to assume the i5 is the server.
Maybe there's a firewall blocking access to the central server? Or it's
not listening on the port you think it's listening on? No firewall blockage, everything is on the local LAN, and it's open.
Furthermore, to complicate the scene, the AS400 command line (NOT the shell) is getting a sucessful answer to my PING's to the LDAP server names. That is, "MAIL", "MAIL.COMPANY.COM", and "COMPANY.COM". So there is connection. It's just when using the LDAP client functions it doesn't seem to get it.
PING tests that your TCP/IP stack is able respond to IP control messages
(ICMP protocol). I have no clue what that has to do with LDAP. I guess it shows that the network adapters in the machines have been successfully configured, which is something, but not very much. TELNET would give you a more accurate test of whether the LDAP port is responding than PING does. You're right, for me it was justa test to show that it at least was connecting, that at some level they could "see" each other. But yeah, not much. I've got a call open at IBM, maybe they'll let me ride the issue on support, if I can't straighten it out here... --Alan
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2025 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.