I have my site setup and going. It is on a server that I have complete control of. It is a Windows 2003 server.

I am trying to setup LDAP.

Can the URL have information like ldap://ldapserver.com/OU=XX,OU=CITY ?

Port is OK.

Is the RootDN the same as the BindDN? Also our LDAP has a BindPassword. How do I enter this?

Finally, after this is going I need to limit to select users by name and department. Is there syntax that I can place in the URL? This is how I have done it with Apache using LDAP to secure pages.

Thanks

Ed

Hi Joe.

Thanks for the fast reply.

We are using AD for LDAP.

I created a new user with my LDAP ID and gave myself ADMIN rights in mojoportal.

The URL and ROOTDN make sense so I can enter that.

In order to even read our LDAP we have to use a BindDN (which happens to be different from my container I need to check for my user and departments). This BindDn also requires a read password.

One last question. For the RootDN, when I enter the container, can I also use filters?

For example:

OU=INFO,OU=CITY,OU=MYDEPT,DC=MYCOMPANY,DC=com?ouraccountname??(|(departmentName=dept1) (ouraccountname=user1)(ouraccountname=user2)(ouraccountname=user3))

The default object from the LDAP container is not the ouraccountname. ouraccountname is the userid we use for AD. The syntax above would allow anyone from dept1 that enters their userid and password correctly to authenicate. It would also allow user1, user2 or user3 to authenicate regardless of their departmentName setting.

Ed

I am a developer but new to .NET and I have not done ASP in 5 years or so.

I have to have something going by the end of this week. I think for now I will just control the users and fix the LDAP later. When I get it done I will contact you so you can use it if you like.

I have to start configuring my content and I have to build a module to access a MS SQL database and allow data entry. Next week I have to being able to produce a report from the database. I figure I can find some examples.

Thanks for your help.

BTW, I also installed DOTNETNUKE. It looks good but it seems very very slow to me. I am going to stick with your mojoportal. Also, your code is C# which is what I want to learn next. VB is old news.

:)

Ed  

I believe I have solved the Active Directory Authentication issues (with a MS-SQL Server installation). 
I hope to have the code to you by monday.

Greg

Hi Ed,

I was looking for posts on LDAP and came across yours so I am posting this question so maybe you have by now enough knowledge to help me.

I have setup MojoPortal using LDAP and SQL server and it works fine for users on the local domain. But there are users who are not on the local domain here, i.e. They have domain accounts but there accounts are stored on several other servers around the world and our LDAP server here does not sync with them.

How can I add parameters in Mojo's LDAP section to allow users from other domain to get authenticated?

They say they can see the page which I have enabled Anonynmous access on but when they login they get the usual "Login Failed" message. This is because mojo cant authenticate them using the Forms Authentication to the servers where their domain accounts are stored.

The setting for Root DN for User Authentication: CN=Users,DC=my,DC=company,DC=ORG

For example, locally users from DOMAIN1 can access the portal and login, but how do I allow all users from DOMAIN2, DOMAIN3, DOMAIN4 to gain access and login?

Actually MyDomain belongs to a larger forest of domains so could I even allow users from ROOTDOMAIN (which hosts DOMAIN1,2,3,4) to login instead?

Eagerly awaiting your response.

Dominique