Name and password authentication fails for LDAP clients connecting to the LDAP service
To authenticate using name-and-password security some LDAP clients, for example Netscape Mail, Microsoft Internet Explorer, and Notes clients with LDAP accounts, first do an anonymous search to retrieve the distinguished names used for the authentication, so that users don't have to specify the distinguished names themselves. To enable such clients to authenticate using names and passwords, you must enable anonymous access, as well as name and password authentication, for the LDAP service port the clients use to connect. You must also allow anonymous read access to the attribute(s) the clients use to search the directory anonymously to retrieve the distinguished names. Attributes typically searched for are cn, uid, sn, givenname, or mail.

See Also