Here’s what I know so far:
First you should know that I am ignoring the Apple documentation, because I cannot get their recommendations to work.
My biggest problem is that I am trying to get a client that has existing user accounts to authenticate on the network using LDAP Bind authentication.
NetInfo stands in the way of this - AFAIK - this is why Apple’s recs are not working for me.
But I am making progress: I’ve turned on the OpenDirectory mapping to the LDAPv3 plugin, and things are starting to look very good. My LDAP server is reporting all the transactions that come across the wire, so I’m able to see what Apple is searching for, etc. So far, my laptop has the attributes that it needs to get OD to start to try to get MCX data for it. But since I don’t know what that looks like yet, I’m at a loss.
I think that this is what OD wants to do: He wants to start at the machine that you are on, and traverse the tree until he sees that that machine can get auth from the LDAP server, at which point, he’ll try a BIND.
It is taking some time to get to that point…
Anyway, if you want some debug logs so that you see what the client is doing to the LDAP server, leave a message up here, and I can get you the logs.
For the truly brave, try nidump’ing your NetInfo db, deleting it, and starting your config from scratch. Actually, I’m half tempted to do this…