Thursday, April 30, 2009

[18] Troubleshooting Ldap

I don't need to troubleshoot LDAP very often, but when I do, I use the LDAP Browser tool for testing/troubleshooting.

Steps:

1. Download the LDAP Browser tool from here.
2. Unzip the files and run lbe.bat to open LDAP Browser.
3. Click New to create a session. Name it, say, LDAPTest.
4. In the 'Connection' tab, fill in the following:
   - Hostname (without ldap://), say comadc.company.com
   - Port, say 389
   - BaseDN, say dc=company,dc=com
   - Uncheck the Anonymous Bind option (this will enable the User Info fields below)
   - User DN: the username (Exchange user id), or a full DN like cn=Niku Ldap Bind User,ou=Users,ou=niku,dc=company,dc=com
   - Password: the password for that user
5. Leave the values in the Options tab as they are.
6. Click Save and the 'Edit Session' window will close.
7. Select the LDAPTest session in the list and click Connect.
8. If everything is correct, you should see the list of all groups and users in your LDAP directory. If not, you need to check the configuration again.

After the connection is successful, you can fill in the relevant entries in NSA.

In the LDAP Server section, give entries such as these (sample entries):
URL = ldap://comadc.company.com:389
Root Context = dc=company,dc=com
Search User = cn=Niku Ldap Bind User,ou=Users,ou=niku,dc=company,dc=com
Password = password

* Note that LDAP implementations and security levels vary. Configuring NSA with the correct settings is sometimes not easy. If it doesn't work for you, the userid being used may not have proper security access to read the LDAP directory. Be friendly with the LDAP/AD administrator. Request him/her to give 'good' read privileges to a test user, temporarily. Try LDAP Browser with the test userid and see if it works. If it works, the LDAP administrator can then reduce the privileges further, stopping before LDAP Browser or the Clarity LDAP sync job breaks.
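
The same bind test can be scripted with OpenLDAP's `ldapsearch`, which also tells apart a failed bind from a bind that succeeds but cannot read anything. This is an added example, not part of the original post; it reuses the post's sample host, base DN and bind DN, and the function names are made up here.

```bash
#!/usr/bin/env bash
# Added example: command-line version of the LDAP Browser bind test.
# Sample values from the post; function names are hypothetical.
LDAP_URL="ldap://comadc.company.com:389"
BASE_DN="dc=company,dc=com"
BIND_DN="cn=Niku Ldap Bind User,ou=Users,ou=niku,dc=company,dc=com"

# ldapsearch exits with the LDAP result code; turn it into a hint.
explain_rc() {
  case "$1" in
    0)   echo "bind and search succeeded" ;;
    32)  echo "noSuchObject: check the Root Context / base DN" ;;
    49)  echo "invalidCredentials: check the Search User DN and password" ;;
    50)  echo "insufficientAccessRights: bind user cannot read this subtree" ;;
    255) echo "cannot contact server: check hostname, port and firewall" ;;
    *)   echo "LDAP result code $1" ;;
  esac
}

# Count entries in LDIF read from stdin (one "dn:" line per entry).
count_entries() {
  grep -c -i '^dn:' || true
}

# Simple bind as BIND_DN and list the DNs one level below BASE_DN.
# -W prompts for the password, keeping it out of history and ps output.
# On plain ldap:// a simple bind sends the password unencrypted; add -ZZ
# to require StartTLS if the server offers it.
ldap_bind_test() {
  local out rc n
  out=$(ldapsearch -x -LLL -H "$LDAP_URL" -D "$BIND_DN" -W \
          -b "$BASE_DN" -s one dn)
  rc=$?
  echo "result: $(explain_rc "$rc")"
  if [ "$rc" -eq 0 ]; then
    n=$(printf '%s\n' "$out" | count_entries)
    echo "entries visible under $BASE_DN: $n"
    # A bind that works but returns nothing can mean the bind user lacks
    # read permission, the case the note above describes.
    [ "$n" -gt 0 ] || echo "bind OK but no entries: ask for read access"
  fi
  return "$rc"
}

if [ "${1:-}" = "--run" ]; then
  ldap_bind_test
fi
```

Run it with `--run` once as the privileged test user and again after each privilege reduction; the entry count shows when read access has been cut too far.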

2 comments:

  1. Hello,

    Thanks for the tool, really helpful. Can you help me out with the following questions, please:

    1. Did you manage to connect with Windows 2008 AD?
    2. When we say CA Clarity and LDAP, does it mean that Clarity will just pull the users/resources from the Active Directory or it will use the AD to authenticate users (just like MS SharePoint)?

    thanks,
    ramadan

  2. Deb,

    I cannot explain in words how this post has helped me.... I was going through a lot of hassle trying to resolve an issue in my current organization.
