hi,

i´m working on my installation routines for ad remoteloader to work on
windows server 2008 r2 64-bit and am testing at the moment.
so far the installation itself´s seems to work as desired. when i start
the remoteloader service and try to connect to it from the engine-side i
get an error.


remoteloader-trace:
DirXML: [02/16/11 16:33:37.31]: ADDriver: rootDSE information needed.
DirXML: [02/16/11 16:33:37.31]: ADDriver: Make unauthenticated
connection to rootDSE
DirXML: [02/16/11 16:33:38.33]: Loader: Received document from
publicationShim
DirXML: [02/16/11 16:33:38.33]: Loader: XML Document:
DirXML: [02/16/11 16:33:38.33]: <nds ndsversion="8.7"
dtdversion="1.1">
<source>
<product version="3.5.13" asn1id="" build="20101214_120000"
instance="\HOME\ORGA\\driverset\myADDriver">AD</product>
<contact>Novell, Inc.</contact>
</source>
<input>
<status level="retry" type="driver-general">
<message>unable to connect to Active Directory</message>
<ldap-err ldap-rc="81" ldap-rc-name="LDAP_SERVER_DOWN">
<client-err ldap-rc="81" ldap-rc-name="LDAP_SERVER_DOWN">Server
Down</client-err>
</ldap-err>
</status>
</input>
</nds>

via ldp (on the server itself = local machine) i can connect
anonymously to active directory (connect with simple-bind and no
user-credentials) and get information regarding the rootDSE (in essence
the information the engine is requesting through the remoteloader) .
skimmed through local security policy and found two entries of interest
(to me at least - without knowing too much of windows server 2008 yet):
Domain controller: LDAP server signing requirements Not Defined
Network security: LDAP client signing requirements Negotiate signing


the remoteloader is configured as a service (with "dirxml_remote
-config <config-file> -service install") and patched to the max (as well
as the engine). ssl between the remoteloader and ad is not configured on
the driver-object.

remoteloader: idm361remoteloaderir3
ad-driver: idm40adir1
engine: idm361engineir3

maybe someone out there already solved the problem


thanks in advance, florian


--
florianz
------------------------------------------------------------------------
florianz's Profile: http://forums.novell.com/member.php?userid=210
View this thread: http://forums.novell.com/showthread.php?t=432649