LDAP: EXPORT Domino User to -> Active Directory

HCL Domino Domino Forum
1

Hi all,

I’ve searched help files and this site, but all I can find is how to import users from Active Directory to Domino Directory.

But I need the reverse procedure. Why??? Because I have a product (MailSweeper) that only knows how to read from Active Directory. No costumization is possible (too user friendly, I guess).

What I need is to export all users and their e-mails, also group e-mails and Mail-In database e-mails into the active directory.

Is that possible? Where can I find more info?

Thanks in advance…

Miha Vitorovic

2

Subject: LDAP: EXPORT Domino User to → Active Directory

MihaI have Mimesweeper (4.2x) configured to read from the Notes LDAP (r6.5) running on our Hub server - won’t this work for you??

Ian

3

Subject: RE: LDAP: EXPORT Domino User to → Active Directory

How did you do that? All I can do is specify the LDAP server, username and password. As I understand the domino directory tree is quite different from the Active directory one. Also, I think that the username and address attributes have different name from their Windows counterparts. Or am I comletely wrong.

I have not actullay tried to do it yet, because all I have is our production MailSweeper and our production Domino server, and I don’t want to break anything.

Also, I have read that people on the MimeSweeper forums had little luck trying to access other LDAP servers, so I never actually tried.

If you could tell me how you did it and if you had any problems, I’m willing to try.

TIA,

4

Subject: RE: LDAP: EXPORT Domino User to → Active Directory

MihaYou simply load the LDAP task on the Notes server and then specify the Notes server name as the LDAP server under Mimesweeper. By default the Domino LDAP allows anonymous access so you don’t need a username & password. LDAP is a OS independant directory so the attributes you can use look the same whether they’re on Domino or A.D.

Got to say I’d create a test system out of a couple of spare PCs though… :slight_smile:

Ian

5

Subject: RE: LDAP: EXPORT Domino User to → Active Directory

Ian,You seem to be pretty knowledgable on LDAP with Domino.

I am trying to query the Domino LDAP from an ASP web page on our website, to authenticate users.

With the ASP I am using, all I can get in return is table not found.

Would you know of any ASP code examples, good

resources for notes or reason why It wont work?

thanks,

Ian

6

Subject: RE: LDAP: EXPORT Domino User to → Active Directory

Hi Ian,

I responding to one of your other posting but thought I would share it here also.

I am not a expert in ASP programming but I thought I would take a shot at it and here is what I came up with. Not pretty but it works.

This code is designed to preform a domino ldap lookup and can also be used for authenication.

You will need:

IP works -installation required

  1. http://www.nsoftware.com/default.aspx

  2. Click on Platforms / IDEs → ASP

  3. Select IP*Works!V6 ASP Edition

  4. Trial version will work.

Let me know if it works for you.

Ted Ford

ewizard2@cox.net

				 <tr><td>LDAP Server: <td><input type="text" name="server" value="mcd01" size="30">

				 <tr><td>Query:<td><input type="text" name="query" value="" size="50">

				 <tr><td>Pass:<td><input type="password" name="myPassword" size="50">

				 <tr><td><td><input type="submit" value="Search!">

<%

If Request(“REQUEST_METHOD”) = “POST” Then

Dim ldap

Set ldap = Server.CreateObject(“IPWorksASP6.LDAP”)

ldap.ServerName = Request.Form(“server”) 'LDAP Server Name from Request form

ldap.SearchSizeLimit = 100

'at most 100 results

password = Request.Form(“myPassword”)

'retrieving password from request form

username = Request.Form(“query”)

'retrieving username from request form

 if ( password = "" )  then				

 	password = "nopassword"						

 end if

 if ( username = "" ) then

 	username = "no user"

 end if

ldap.dn = username

'User name used for Ldap session

ldap.password = password

'password used for Ldap session

ldap.bind

'establishing a session with ldap.

’ if result code is 0 and description is OK then you have a successful login. If result code is 49 and description

’ is "Invalid Credentials, then you will be bounded as anonymous

if ldap.NextResult = 0 then

’ if result code is 0 and description is ok = sucessful login

if ldap.ResultDescription = “[ok]” then

Response.Write(“it worked”)

’ set the required attributes

ldap.AttrCount = 1

ldap.AttrType(0) = “mail”

'email for addresses etc…

ldap.Search “cn=” & Request.Form(“query”)

While ldap.NextResult = 1

'1 is a search result

Response.Write "
Found Name: " & ldap.ResultDN & Chr(13) & Chr(10)

Response.Write "
Found Email: " & ldap.AttrValue(0) & Chr(13) & Chr(10)

Wend

else

Response.Write(“Not Authorized”)

end if

end if

’ Response.Write(“
” & ldap.ResultCode)

’ use the above statement to see result code

Response.Write “”

End If

%>