Does anyone have experience using LDAP to obtain group information on filers using the RFC 2307 compliant options in DOT 6.5 and up, specifically with Novell eDirectory?
I had some success configuring it against XAD (which supports a variant of RFC 2307). More information is at:
http://www.padl.com/TechNotes/XADONTAPConfigurationNote.html
I'm also curious about how the ldap.usermap.* options work - the documentation is a bit vague on what the filer expects to see in the .attribute.*account options and how/when lookups are performed. Anyone played this or know what the code does?
I think this is to handle the case where a single identity has different user names for UNIX and Windows.
eg:
options ldap.usermap.attribute.unixaccount uid options ldap.usermap.attribute.windowsaccount sAMAccountName
Presumably you can avoid the overhead of an extra lookup if user names are the same in your deployment.
-- Luke
--