LDAP connects, client doesn''t

I installed the 3.1.0 beta yesterday. It works great with the local databse of users. It took an hour or so of research here to figure out how to get LDAP connected. I did that. The admin console showed just the Active Directory users that I wanted to be there. Everything looked great until I tried to log on with neos or spark.

Neos and spark would both just sit there ‘‘connecting’’. If you looked in the admin console, it would show you as connected, but the client was not fully connected. A message sent from the console would pop in the client, but the client still said, ‘‘Connecting’’.

As soon as I change it back to the local DB and not LDAP, the lient connects right away.

What should I post here so that the experts can help? Here is the LDAP section of my wildfire.xml:

Thanks in advance.

Two things come to mind…

Use semi colons and not commas, and the adminDN, is the DN of the account, not the UPN.

Should look like:

<adminDN>CN=WFadmin;CN=Users;DC=xxxxxx;DC=local</adminDN>

Try that…

Na, that broke it worse. If I put in all those semi-colons and change the adminDN to that format, I get an LDAP: error code 49 - 80090308. I researched that and it said that it was because the DN was in the wrong format, then it shows an example that uses commas…

When I change it back to original, I can log into the console again and the deug.log shows success after success, but there is no success on the client…

Can you send copies of the debug log and the wildfire config?

I believe that I have got that part worked out. If I change the baseDN to a more specific folder, the user search is much smaller. That appears to be the issue with connecting. The search when attached to the base of AD must be too large to connect in a timely fashion. This brings up my next obsticle: groupSearchFilter and alternatebaseDN.

I would like users other than the ones in the original baseDN to be able to connect, but not all of them. Surely other folks have hit these issues.

ok, I am good now.

Once I set the groupSearchFilter to filter out every group except the imusers group, everything seemed to be golden.

Thanks.