Friday, June 06, 2008
Odd LDAP Calls from Contribute Publishing Services
We've recently updated our LDAP and noticed a slowdown on authenticating through Contribute Publishing services. Upon looking into the issue, we determined that Contribute Publishing Server was sending what to us appears to be a malformed LDAP filter. Before I call Adobe support, I thought I'd check to see if anybody else has encountered this issues. Our setup looks something like this. (I've changed the actual data for security reasons.)
Our user search tab has CN, Mail and UID Defined along with a basic filter. (!(status=I)) Our Group tab is blank as our LDAP does not contain groups. With this setup, when attempting to authenticate user lm1000, CPS send the following filter to the LDAP.
When I run this filter in an LDAP browser I see the same slow behavior, however when I remove (=lm1000) the LDAP responds immediately. Has anyone seen this behavior before? Am I not configuring something properly, because to the best of my knoledge, an LDAP filter must contain an attribute name to look for a value in.
Update: It turns out that adding the UID field in the group tab resolves this issue.posted by Luis