Haven't posted anything for a while, but I have been messing with some interesting things. Been working on creating a portal site using Metadot (http://www.metadot.com/). I had the hardest time getting LDAP authentication to work, but here is a quick tutorial on what finally made it go.
Metadot: Set up LDAP authentication for Active Directory on Server 2003
Click enable for LDAP registration
Click Modify under registration params
LDAP server should be your LDAP server, either name or IP
Base DN is where the LDAP searches will begin
In my environment it is
One way you can find this out is by using a program called OldCmp (http://www.joeware.net/win/free/tools/oldcmp.htm).
Run this command: oldcmp -report -age 1 -users (this generates a report of users whose passwords are older than 1 day).
Open this report and look at your users, it should help in figuring out what your base DN is.
Next you need the user unique identifier. This was confusing for a bit, but this is the field that LDAP is going to look up against. (Which is also why you can assign it a label in case you want to compare on something different than email address.)
A couple of the 'User unique identifier in LDAP directory' options are: Mail, userPrincipalName or CN. More info: http://www.computerperformance.co.uk/Logon/LDAP_attributes_active_directory.htm
Mail ---> The user's email address
userPrincipalName ---> The user's logon name, i.e. firstname.lastname@example.org
CN ---> The user's name, i.e. joe schmoe
I configured it to use LDAP for authentication only so I have not messed with profile management yet.
The last hoop to configure is to click the radio button to select DN (you have to do this for Active Directory).
Now you need to supply a user that can do LDAP lookups. After you create this user you can use OldCmp to find out its DN
An example DN is cn=metadot,ou=service accounts,ou=national users,dc=nffc,dc=local
and then of course set the password.
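As an added example (not from the original post and not Metadot code), the Python below derives a candidate base DN as the longest suffix shared by a set of user DNs, such as those in the OldCmp report, and builds the lookup filter for the chosen unique identifier with RFC 4515 escaping so a typed login cannot change the search. The function names and the second sample DN are constructed for illustration.

```python
# Added example: constructed values, standard library only.
ALLOWED_ATTRS = {"mail", "userPrincipalName", "cn"}  # identifiers named in the post

def split_dn(dn):
    """Split a DN into RDNs, honouring backslash-escaped commas (RFC 4514)."""
    rdns, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]  # keep the escape pair together
            i += 2
            continue
        if dn[i] == ",":
            rdns.append(cur.strip())
            cur = ""
        else:
            cur += dn[i]
        i += 1
    rdns.append(cur.strip())
    return [r for r in rdns if r]

def common_base_dn(dns):
    """Longest RDN suffix shared by every DN (compared case-insensitively)."""
    paths = [[r.lower() for r in reversed(split_dn(d))] for d in dns]
    shared = []
    for parts in zip(*paths):
        if len(set(parts)) != 1:
            break
        shared.append(parts[0])
    if not shared:
        raise ValueError("DNs share no common suffix")
    return ",".join(reversed(shared))

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so input cannot alter the filter."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)

def build_user_filter(attr, login):
    """Build the lookup filter for the configured unique identifier."""
    if attr not in ALLOWED_ATTRS:
        raise ValueError(f"unexpected identifier attribute: {attr}")
    return f"({attr}={escape_filter_value(login)})"

if __name__ == "__main__":
    sample = [  # first DN is the post's example; the second is constructed
        "cn=metadot,ou=service accounts,ou=national users,dc=nffc,dc=local",
        "cn=joe schmoe,ou=staff,ou=national users,dc=nffc,dc=local",
    ]
    print(common_base_dn(sample))
    print(build_user_filter("mail", "joe.schmoe@example.org"))
```

Pass at least two user DNs from different containers; with a single DN the result is that DN itself rather than a container.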