Sunday, September 28, 2008

LDAP to the Rescue.....

We've been running LDAP for GroupWise authentication, our ERP solution, and our VPN for some time now. Our LDAP is generated out of eDir and contains all the user info you could ask for. We have a vendor who supports our helpdesk and ticketing app. This app is part of a LARGER vendor's IT solutions database. Management decided they wanted it to authenticate via said LDAP.

Hilarity ensues........

For two months the vendor asks for various server certs, different configs, and tries to blame eDir for their lack of authentication. The major vendor claims "we have no experience with doing this on eDir." Management finally has enough and gets our team involved. We install the eDir CA cert into their server and voilà, everything works. They were working with an assumption of AD all the time as well, trying to search o=domain,o=com instead of T=TREE.

I know eDir is not exactly the #1 directory service, but you would think that there would be more of a commonality with LDAP....

Apparently not....

I've petitioned for IDM training, so I can start building more connectors than the one that Novell built in June (eDir to AD via the IDVAULT). All I need now is the time to accomplish said training.
