I remember going through this as a member of the OES2 Linux Beta team, but I've tried all of the things I did before, but I am missing something.

I've been through all of the checkpoints and daemons that I experienced during the beta test (when I had it working), but I'm missing some piece of the puzzle.

I built a traditional NetWare 6.5 sp7 file server in a test eDirectory tree, installed AFP and UP and my MAC folks can access it without incident. Next I aded an OES2 Linux File Server to that same tree, and am attempting to get my MAC folks access to its' NSS volume. When they attempt to connect to the server, with their name and password (the same ones that work on the traditional NetWare FS in the tree), I get the error "User does not have permission to access this server". The only errors I see in /var/log/afptcpd/afptcp.log and are:
Failed to get GUID for user bob.ou=here.ou=there.o=everywhere with error 1;
Unable to get volume status 21200 <52d0>; and,
LDAP simple bind with AFP Proxy user credentials failed.

I remember during the testing a few months back that I needed to make it so that the AFP Proxy user could read and compare passwords in the UP, and it also needed explicit rights to the root of the MAC visible volume.

I'm pretty sure that my entire problem rests with the 3rd error message, but i can't seem to find where to locate and fix it. I'm confident that I set the beginning search container high enough in the tree to find the AFP Proxy user and my regular user accounts, but I'd like to find th conf file to confirm/refute my memory before I scrap and rebuild the entire system. It is s a test sand box, so if I screw it up too badly, there's no real harm. But I'd like to be able to "fix" it without the CD swapping fun. (Then I could actually learn something!)

Any thoughts or ideas will be greatly appreciated.