Pete McDonnell schrieb:
AD Authentication is working OK,
It isn't.
but I have to create an entry in the customer table before a customer can login. That's not a big deal, hopefully that will be working nicely in later versions :-)
It should not be necessary at all.
What's not working is that when I select the Customer User page under the Admin Area I only see the users that I've manually setup. I also get messages such as the following in my system's messages log file. At around 16:40 I changed the user to the Administrator of the AD tree to see if it was a permissions issue that was causing the browsing to fail.
I guess the user you're using to connect isn't equipped with a right's range broad enough. "cn=Pete McDonnell, ou=Users, dc=corp, dc=hiplab2003, dc=com" is probably not capable of reading all the necessary info. Try to create a designated reader user with no write access to any part of the AD tree, but all area read access (yes, except for the passwords). Unfortunately, I cannot tell you how to incorporate such a user, as I luckily do not have to work with AD or stuff like that. I could tell you what code would be necessarily on a regularyl LDAP server based on OpenLDAP, though. Better choice, btw. *scnr* --Pete McDonnell wrote on 09/22/2004--------------------------------------------- I made the following changes and lookups are now functioning. Thanks for the pointers. - Set the lookup account as having full permissions on the Users object under the top level of the A/D Forest. I probably have some of the terminology wrong, as I'm certainly no expert with A/D - commented out the section of the Config.pm which wasn't neceessary (had inactive sections referring to an ODBC driver) - Pete McDonnell Manager, Technical Services Hip Interactive Phone: (519) 272-0234 x228