The Extranet Collaboration Toolkit for SharePoint (WSS v3.0 & MOSS 2007) has a little gotcha which is rather annoying. The gotcha is an auto-append of CN=Users to the LDAP Connection String to the SharePoint web.config file. Here's how it tripped me up...
When configuring the ADAM instance, you are asked to input a User Container Name in the form of part of an LDAP connection string (see screen-shot below):
What this does is create an ADAM instance and a container at the path specified (User Container Name). When the ADAM instance is created, it also creates a sub-tree of CN=ExternalUsers, as shown below:
Now, when you run the ECTS setup wizard to configure and install the SharePoint solutions and features, you are asked to input an ADAM Server Name, you're then asked to provide a User Container Name at which to point the SharePoint solution to enable it to add the LDAP Connection string to the SharePoint web.config file.
Now here's where the gotcha hits - I looked at my ADAM instance using ADSI Edit and supplied the ECTS Setup Wizard with a User Container Name something along the lines of CN=Users,CN=ExternalUsers,DC=server,DC=domain,DC=suffix.
Now, when the ECTS Base feature is activated, it puts several items into the SharePoint web.config file. One of these items is the LDAP Connection String. What I didn't know at that time is that it automatically prefixes CN=Users to the User Container Name that you chose when configuring ECTS for SharePoint.
Given that I specified a User Container Name of CN=Users,CN=ExternalUsers,DC=server,DC=domain,DC=suffix when configuring ECTS for SharePoint, this would of course then become CN=Users,CN=Users,CN=ExternalUsers,DC=server,DC=domain,DC=suffix
(note the repeated CN=Users).
For a while, I manually updated all of the web.config files in my farm that were affected by this. Soon it became quite a burden; every time a modification was made that involved the web.config being re-written from the database, the repeated CN=Users would always re-appear.
I suppose you could put this down to my ignorance, or perhaps you'll agree with me that the documentation doesn't make this as clear as it should be - whichever way, I thought it might be useful to share this.
