Searched DN algorithm

This is the login sequence when you use the searched DN algorithm:

  1. Open Client connects to an Adaptive Server listener port.

  2. The Adaptive Server listener accepts the connection.

  3. Open Client sends an internal login record.

  4. Adaptive Server reads the login record.

  5. Adaptive Server binds to the LDAP server with a directory server access account.

    The connection established in steps 5 and 6 may persist between authentication attempts so that Adaptive Server can reuse it for DN searches.

  6. The LDAP server authenticates the user, returning either a success or failure message.

  7. Adaptive Server sends search requests to the LDAP server based on the login name from the login record and the DN lookup URL.

  8. The LDAP server returns the results of the search.

  9. Adaptive Server reads the results to obtain a value of attribute from the DN lookup URL.

  10. Adaptive Server uses the value of attribute as the DN and the password from the login record to bind to the LDAP server.

  11. The LDAP server authenticates the user, returning either a success or failure message.

  12. If the primary URL specifies a search, Adaptive Server sends the search request to the LDAP server.

  13. The LDAP server returns the results of the search.

  14. Adaptive Server accepts or rejects the login, based on the search results.

Adaptive Server reports a generic login failure to the client if any of these authentication criteria are not met.

You may skip steps 12 and 13 by not specifying search criteria in the primary or secondary URL strings. The authentication completes, displaying the success or failure returned by step 11.
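
The sequence above, with steps 12 and 13 skipped, as an added example that is not Adaptive Server code: it runs the access-account bind, the DN search, and the user bind against a constructed in-memory directory. FakeDirectory, searched_dn_login, the uid search attribute, and every DN and password are assumptions made for illustration.

```python
# Added example: searched DN login flow against a constructed in-memory directory.
# All names and entries here are hypothetical, not Adaptive Server code.

ACCESS_DN, ACCESS_PW = "cn=aseaccess,dc=example,dc=com", "access-secret"
ENTRIES = {  # constructed sample data: DN -> (uid, password)
    "uid=jdoe,ou=People,dc=example,dc=com": ("jdoe", "s3cret"),
    "uid=asmith,ou=People,dc=example,dc=com": ("asmith", "hunter2"),
}
FAILED, OK = "Login failed.", "Login succeeded."  # one generic failure message

def escape_filter(value):
    """Escape RFC 4515 special characters so a login name cannot alter the filter."""
    special = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
    return "".join(special.get(ch, ch) for ch in value)

class FakeDirectory:
    def bind(self, dn, password):
        if not password:  # an empty password must never count as a successful bind
            return False
        if dn == ACCESS_DN:
            return password == ACCESS_PW
        return dn in ENTRIES and ENTRIES[dn][1] == password

    def search_uid(self, filter_str):
        """Tiny matcher for filters of the form (uid=<value>); a bare * matches all."""
        value = filter_str[len("(uid="):-1]
        return [dn for dn, (uid, _) in ENTRIES.items() if value == "*" or uid == value]

def searched_dn_login(directory, login, password):
    # Steps 5-6: bind with the directory server access account.
    if not directory.bind(ACCESS_DN, ACCESS_PW):
        return FAILED
    # Steps 7-9: search on the login name and read the DN from the result.
    matches = directory.search_uid("(uid=%s)" % escape_filter(login))
    if len(matches) != 1:  # zero or ambiguous results are both rejected
        return FAILED
    # Steps 10-11: bind as the returned DN with the password from the login record.
    if not directory.bind(matches[0], password):
        return FAILED
    return OK  # steps 12-13 skipped: no search criteria in the primary URL

if __name__ == "__main__":
    for name, pw in [("jdoe", "s3cret"), ("jdoe", "wrong"), ("*", "s3cret"), ("jdoe", "")]:
        print(repr(name), "->", searched_dn_login(FakeDirectory(), name, pw))
```

Every rejection path returns the same message, matching the generic login failure that Adaptive Server reports to the client.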