Discussion Forums: help

By: Tobin Juday
RE: Connecting to ActiveDirectory [ reply ]  
2008-02-13 19:00
Thanks for responding, guys. I got in! Lawrence, you hit the nail right on the head. I changed my username to contain the domain information, and I got right in.

Thanks for the quick replies, they are much appreciated.

Tobin

By: Lawrence Holcomb
RE: Connecting to ActiveDirectory [ reply ]  
2008-02-13 16:32
If you were able to connect without SSL then you shouldn't have any trouble connecting with Net/LDAP.

The following works for me on the domain where I work:

LDAP.auth("#{email_address}", "#{password}")

I think with AD you have to give the :userprincipalname when authenticating. Someone with more knowledge can confirm or deny this. Basically, I wasn't able to authenticate until I gave the full email address in reference to the domain. In other words, just the account name won't work. You want the username@ and the full dc string for the domain.

An example:

Say the domain is admin.ad.bob.com
Then your base would be dc=admin,dc=ad,dc=bob,dc=com so you would need to pass username@admin.ad.bob.com for the username parameter in the auth call.

By: Dennis Crall
RE: Connecting to ActiveDirectory [ reply ]  
2008-02-13 16:23
Tobin,

I'm pretty much an LDAP n00b also, so I'll post what worked for me. I may not be able to help you much beyond that. Last week our LDAP server moved from an unsecure to secure connection. I was able to connect securely with the following code:

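require 'net/ldap'

# Simple (username/password) bind against the LDAPS port
ldap = Net::LDAP.new :host => "host",
                     :port => 636,
                     :auth => {
                       :method   => :simple,
                       :username => "username",
                       :password => "password"
                     }
# Wrap the connection in TLS before anything is sent
ldap.encryption :simple_tls
if ldap.bind
  puts "Connected"
else
  puts "Could not connect."
end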

From looking at the source code, :simple_tls is the only secure connection type supported. In Java we are using an LDAPS url, so I'm not sure what the difference is.

Good luck.
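
The pieces from the two replies above (username@domain as the bind name, the dc= base string, and :simple_tls on port 636), combined as an added Ruby example that is not part of the original posts. The helper names are hypothetical, and it assumes the account's UPN suffix is the same as the DNS domain name.

```ruby
# Added example: builds the option hash for Net::LDAP.new without opening a connection.
# Helper names are hypothetical; assumes the UPN suffix equals the DNS domain.

# "admin.ad.bob.com" -> "dc=admin,dc=ad,dc=bob,dc=com"
def base_dn_for(domain)
  labels = domain.to_s.strip.downcase.split(".", -1)
  valid = !labels.empty? && labels.all? { |l| l =~ /\A[a-z0-9-]+\z/ }
  raise ArgumentError, "invalid domain: #{domain.inspect}" unless valid
  labels.map { |l| "dc=#{l}" }.join(",")
end

# Accepts "user", "user@domain" or "DOMAIN\user"; returns the user@domain form.
def upn_for(account, domain)
  account = account.to_s.strip
  return account if account.include?("@")
  name = account.split("\\").last.to_s
  raise ArgumentError, "empty account name" if name.empty?
  "#{name}@#{domain.to_s.strip.downcase}"
end

def ad_bind_options(host, domain, account, password)
  # A simple bind with a name and an empty password is an unauthenticated
  # bind (RFC 4513) and may report success, so reject it before binding.
  raise ArgumentError, "empty password" if password.nil? || password.empty?
  {
    :host       => host,
    :port       => 636,          # LDAPS port, as in the reply above
    :encryption => :simple_tls,  # simple bind sends the password as-is, so keep TLS on
    :base       => base_dn_for(domain),
    :auth       => {
      :method   => :simple,
      :username => upn_for(account, domain),
      :password => password
    }
  }
end

# With the net-ldap gem installed (placeholder host and credentials):
#   require 'net/ldap'
#   ldap = Net::LDAP.new(ad_bind_options("host", "admin.ad.bob.com", "username", "password"))
#   puts(ldap.bind ? "Connected" : "Could not connect.")
```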



By: Tobin Juday
Connecting to ActiveDirectory [ reply ]  
2008-02-13 16:10
Disclaimer: I am an LDAP newbie.

I'm trying to connect to my company's ActiveDirectory, at which point I would like to find all of the current employees. At the moment, however, I just need help getting connected.

I know the host name, and I have a valid username/password. I have been able to connect using a small GUI tool (LDAP Admin - http://ldapadmin.sourceforge.net/).

The problem is that with the GUI tool, I was not able to log in with simple authentication; I had to use something called GSS-API. There were also check boxes to use SSL and SASL. Both of those were unchecked. I haven't been able to figure out how to get net-ldap to use GSS-API. Is it possible, or am I out of luck on this? Thanks.

Tobin