Hi all,

In order to verify if a generated email address has already been used
for an existing account of a remote directory, i have to use the Novell
ECMAScript function "ldapSearch", included in the NOVLLIBLDAP-JS

the parameters of this function are:

* ldapSearch
* @param (String} host LDAP Server, either DNS or IP-Address
* @param (Number} port LDAP listening port
* @param (String} user user account, full distinguished name,
LDAP syntax
* @param (String} password the cleartext LDAP userpassword
* @param (String} base search base
* @param (String} scope (base | one | sub)
* @param (String} filter LDAP search filter according to RFC2254
(see {@link #ldapCount(DirContext, String, String)}
* @param (String} attrList comma separated list of attributes to
* @type Nodeset
* @return NodeSet containing instances from search result, or status
element with error message
function ldapSearch(host, port, user, password, base, scope, filter,
attrList) {}

In my Policy, i call it this way:

ldapSearch("","389","cn=IamAccount,o=IAM"," MyPassword","","sub","(mail=$lvGeneratedEmailAddre ss)","uid");

Of course, it doesn"t work

The driver log can show me a DN Syntax Error:

--> Token Value: "Error : JavaException: com.novell.ldap.LDAPException:
Invalid DN Syntax".

* cn=IamAccount,o=IAM is the Service account of IDM. If i change it, i
have another error (bad credentials), so it seems to be good.
* "": i kept the "base" attribute empty because i want to do my search
from the Root of the directory. Is it a problem?

To debug it, i launched the same command in the designer ECMA console.
The command return no result (but no Error!). Maybe it's because the
console isn't able to show a nodeset as a String..

Do somebody already used this function and see something i could have
done wrong?

Thank you in advance

sniceper's Profile: https://forums.netiq.com/member.php?userid=5188
View this thread: https://forums.netiq.com/showthread.php?t=48546