 what is the correct DN to search on RACF from LDAP?

peralesb (Programmer)
20 Sep 05 18:06
Hello:

I have LDAP and RACF on z/OS in the Hercules emulator on Linux Red Hat.

I managed to bring up the LDAP server, and moreover tested it with commands like:

#ldapsearch -h localhost -p 3389 -s base -D cn=LDAPADMINISTRATOR -w secret -b "sysplex=sysplex1" "objectclass=*"

#ldapsearch -h localhost -p 3389 -s base -b "cn=schema,cn=LDAPADMINISTRATOR" "objectclass=subschema"


But when I try the following commands:

#ldapsearch -h 127.0.0.1 -D racfid=IBMUSER,profiletype=user,sysplex=sysplex1 -w IBMUSER -b "racfid=IBMUSER,profiletype=user,sysplex=sysplex1" "objectclass=*"


#ldapsearch -h 127.0.0.1 -D cn=LDAPADMINISTRATOR,sysplex=sysplex1 -w secret -s base -b "racfid=IBMUSER,profiletype=user,cn=sysplex=sysplex1" -V3 "objectclass=*"


In both cases I obtained the following message:

ldap_bind: insufficient access
ldap_bind: additional info: R000137 'cn=...' is not a valid RACF bind. Check that the syntax is correct and that it is a DN for a RACF user.


I understand the error message, but then, what is the correct DN? In my config file for LDAP I have:

listen ldap://:3389
maxConnections 60
adminDN "cn=LDAPADMINISTRATOR"
adminPW "secret"
database sdbm GLDBSDBM
suffix "sysplex=sysplex1"


NOTE: I omitted the parts corresponding to DB2 and TDBM, since I only use the RACF database.

Thanks for any help.

tsuji (TechnicalUser)
21 Sep 05 9:05
>'cn=...' is not a valid RACF bind
Try instead?
-b "racfid=IBMUSER,profiletype=user,sysplex=sysplex1"
peralesb (Programmer)
21 Sep 05 9:28
Hi tsuji:

I'm sorry, the "..." is only symbolic, but I did several combinations, such as:

-b "racfid=IBMUSER,profiletype=user,sysplex=sysplex1"
-b "cn=LDAPADMINISTRATOR,profiletype=user,sysplex=sysplex1"

But the problem persists.

Thanks

tsuji (TechnicalUser)
21 Sep 05 9:51
The detail of the hierarchy I don't know---it's implementation dependent. But on the suffix part, cn=sysplex=sysplex1 could be outright wrong. A quick check?...
    http://mvs-admin.nmsu.edu/Ldapjava/ldapdn.html
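
An added example, not part of the thread: a Python check of the -D and -b values from the commands above against the posted config. The RACF user DN form racfid=<id>,profiletype=user,<suffix> is an assumption taken from the DNs used in the posts, and the function names are hypothetical.

```python
import re

# Excerpt of the config posted in the thread.
CONFIG = '''listen ldap://:3389
adminDN "cn=LDAPADMINISTRATOR"
database sdbm GLDBSDBM
suffix "sysplex=sysplex1"
'''

def parse_config(text):
    """Return {keyword: value} for directives with one quoted value."""
    return {m.group(1).lower(): m.group(2)
            for m in re.finditer(r'^(\w+)\s+"([^"]*)"\s*$', text, re.M)}

def split_dn(dn):
    """Split a DN on unescaped commas; lower-case each RDN for comparison
    (assumes case-insensitive matching of these attribute values)."""
    parts = re.split(r'(?<!\\),', dn)
    return [re.sub(r'\s*=\s*', '=', p.strip(), count=1).lower() for p in parts]

def classify_bind_dn(dn, cfg):
    """Classify a -D value as 'admin', 'racf-user' or 'invalid'."""
    rdns, suffix = split_dn(dn), split_dn(cfg["suffix"])
    if rdns == split_dn(cfg["admindn"]):
        return "admin"
    # Assumed form: racfid=<id>,profiletype=user,<suffix>
    if (len(rdns) == 2 + len(suffix)
            and re.fullmatch(r'racfid=[^=,+]+', rdns[0])
            and rdns[1] == "profiletype=user"
            and rdns[2:] == suffix):
        return "racf-user"
    return "invalid"

def base_under_suffix(base, cfg):
    """True when a -b value ends with the configured suffix RDNs."""
    rdns, suffix = split_dn(base), split_dn(cfg["suffix"])
    return len(rdns) >= len(suffix) and rdns[-len(suffix):] == suffix

if __name__ == "__main__":
    cfg = parse_config(CONFIG)
    # (-D, -b) pairs copied from the two failing commands in the thread.
    for bind, base in [
        ("racfid=IBMUSER,profiletype=user,sysplex=sysplex1",
         "racfid=IBMUSER,profiletype=user,sysplex=sysplex1"),
        ("cn=LDAPADMINISTRATOR,sysplex=sysplex1",
         "racfid=IBMUSER,profiletype=user,cn=sysplex=sysplex1"),
    ]:
        print(bind, "->", classify_bind_dn(bind, cfg),
              "| base under suffix:", base_under_suffix(base, cfg))
```

The check is purely syntactic: it compares DN shape with the configured adminDN and suffix and does not contact the server.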
