How to get Netscape to talk to LDAP for NDS
(Last modified: 09Jan1998)
This document (2920151) is provided subject to the disclaimer at the end of this document.
Issue
Using Netscape Communicator v4.0 Preview Release 1 with NetWare LDAP v1.0
Configuring NetWare and NLDAP for access by Netscape Communicator v4.0.
Bring up a NetWare 4.1 or 4.11 server running NDS. Download NLDAP from Novell's web site and install using the defaults, and then use the nwadmin utility to configure a proxy user in the LDAP group. Be sure to establish this user in NDS without a password. Give it trustee rights to the subtrees that you want to expose to anonymous access.
Using URLs from the Navigator Window
Netscape Communicator v4.0 appears to implement the syntax for LDAP URLs proposed by Tim Howes and Mark Smith in RFC 1959.
Here are some typical URLs based on the configuration described above:
Search in NDS at the COUNTRY level of NDS
ldap://100.100.100.1/c=us??sub :[everything under c=us]
ldap://100.100.100.1/c=us??sub?(cn=john) :[ user john under c=us]
ldap://100.100.100.1/c=us??sub?(cn=j*) :[ everything beginning with " j" under c=us]
Note: Many times NDS isn't set up with a Country, so don't always include the country in the search.
Search in NDS at the ORGANIZATIONS level of NDS
ldap://100.100.100.1/o=novell??sub :[everything under o=novell]
ldap://100.100.100.1/o=novell??sub?(cn=john) :[user john under o=novell]
ldap://100.100.100.1/o=novell??sub?(cn=j*) :[everything beginning with " j" under o=novell]
Search in NDS at the ORGANIZATIONAL UNIT level of NDS
ldap://100.100.100.1/ou=sales,o=novell??sub :[everything under ou=sales under o=novell]
ldap://100.100.100.1/ou=sales,o=novell??sub?(cn=john) :[user john under o=novell]
ldap://100.100.100.1/ou=sales,o=novell??sub?(cn=j*)
:[everything beginning with " j" under o=novell]
Search in NDS with multiple ORGANIZATIONAL UNITs in NDS
ldap://100.100.100.1/ou=marketing,ou=sales,o=novell??sub
:[everything under ou=sales under o=novell]
ldap://100.100.100.1/ou=marketing,ou=sales,o=novell??sub?(cn=john)
:[user john under o=novell]
ldap://100.100.100.1/ou=marketing,ou=sales,o=novell??sub?(cn=j*)
:[everything beginning with " j" under o=novell]
Search in NDS with names with spaces in them (human resources)
ldap://100.100.100.1/ou=human%20resources,o=novell,c=us??one [everyone in Novell's HR dept.]
ldap://100.100.100.1/ou=human%20resources,o=novell,c=us??base [Novell's HR container itself.]
At this time (1/97), specifying the attributes to be returned seems to crash the Netscape v4.0 preview release (so don't do it).
Configuring Netscape Communicator
Using the Address Book Window
Another way to send LDAP queries is the Communicator's Address Book window. Just invoke Window/Address Book, then select the NetWare server you configured as above. Type in a name as invited and it will search the entire directory from the configured search base.
Download from Netscape's web site. Bring up Edit/Preferences/Mail and News Preferences/Phone Book. Add a new directory with these parameters:
Description: whatever you like
LDAP Server: Your NetWare server's TCP/IP DNS (Domain Name Services) name
Search Root: LDAP distinguished name for NDS search root container
Port Number: use default 389
Maximum Number of Hits: use default, or your discretion
Secure: no
Save Password: use your discretion
For example:
Description: Novell's public demo server
LDAP Server: dshost.novellds.com
Search Root: o=Acme,c=us
Port Number: 389
describes a (hypothetical) Novell-hosted demo server, and searches only under its "Acme" organization.
document
| Document Title: | How to get Netscape to talk to LDAP for NDS |
| Document ID: | 2920151 |
| Creation Date: | 25Jan1997 |
| Modified Date: | 09Jan1998 |
| Revision: | 1 |
| Novell Product Class: | Connectivity Products NetWare |
disclaimer
The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.