How to configure LDAP with GWIA

(Last modified: 06Feb2003)

This document (10007372) is provided subject to the disclaimer at the end of this document.



Novell GroupWise 5.2

GroupWise Internet Agent 5.2

Novell GroupWise 5.5

GroupWise Internet Agent 5.5


OVERVIEW (Formerly TID 2930358)
Lightweight Directory Access Protocol (LDAP) allows any browser or LDAP-enabled client to look up GroupWise Address Book information via TCP/IP. The GroupWise Internet Agent (GWIA) provides LDAP services. LDAP is enabled in GWIA by default, but requires some minor configuration before it becomes usable.
The basic required configuration includes:
1. Making sure the GWIA "LDAP Context" matches your Internet browser's "Search Root" or "Search Base".
2. Identifying which post office will be used for the address lookup source.
3. If the Post Office is on a server other than GWIA, providing a user and password account allowing GWIA to access the Post Office database.
4. Exit and restart GWIA.
5. Configure your Internet browser to use GWIA as an LDAP service.

The following information can be found in the gateway's help file. To access it in NetWare Administrator, select Help > Help Topics > Search button > Index tab and type "LDAP". Double-click "LDAP (GroupWise Internet Agent)" to display the topics found, then select "Enable LDAP Services".

LDAP Services' directory searches will only be available for GroupWise post offices that are set up with the Direct Access Mode, not Client/Server Access Mode. When you select a Post Office while configuring LDAP Public Access, you need to make sure that the Post Office Link to that particular Post Office is using either the "Direct" or "C/S and Direct" Access Mode. This setting is found by going into Details on the GWIA object and choosing post office links.

GWIA 5.2
--Set Up LDAP Services in NWAdmin
To enable and configure LDAP services for client access in Advanced Settings:
1. From the NWAdmin browser window, right-click the Internet Agent object > click Details > Advanced Settings.
2. Verify that the Enable LDAP service parameter is turned ON.
3. Fill in the LDAP Context field. The entry in this field must match the "Search Root" or "Search Base" entry in your Internet browser client.
4. Fill in the LDAP Referral URL field (optional). This is the URL for another LDAP server.

--Set Up LDAP Public Access
To set up LDAP Public Access in Access Control:
1. From the NW-Admin browser window, right-click the Internet Agent object > click Details > Access Control page > LDAP Public button.
2. Click the Allow access radio-button to select a GroupWise post office that will be accessible for LDAP directory searches.
NOTE: Make sure that the Post Office is using Direct or C/S and Direct Access Mode. See the prerequisite section above.
3. Define the Visible Fields. This is where you specify which GroupWise fields will be searchable by the LDAP client. You can make the First Name, Last Name, Phone number, and E-mail address fields visible or not visible.
4. Fill in the Limit Search fields. You can specify the number of entries to return, the amount of time to allow the search, and the number of minutes before timeout.

GWIA 5.5
--Set Up LDAP Services in NWAdmin32
To enable and configure LDAP services for client access in SMTP/MIME Settings:
1. From the NWAdmin32 browser window, right-click the Internet Agent object > click Details > LDAP Settings
2. Verify that the Enable LDAP service parameter is turned ON.
3. Fill in the LDAP Context field. The entry in this field must match the "Search Root" or "Search Base" entry in your Internet browser client. (optional, unless using NetWare 5.1)
4. Fill in the LDAP Referral URL field (optional). This is the URL for another LDAP server.

--Set Up LDAP Public Access
To set up LDAP Public Access in Access Control:
1. From the NW-Admin browser window, right-click the Internet Agent object > click Details > Access Control page > LDAP Public button.
2. Click the Allow access radio-button to select a GroupWise post office that will be accessible for LDAP directory searches.
NOTE: Make sure that the Post Office is using Direct or C/S and Direct Access Mode. See the prerequisite section above.
3. Define the Visible Fields. This is where you specify which GroupWise fields will be searchable by the LDAP client. You can make the First Name, Last Name, Phone number, and E-mail address fields visible or not visible.
4. Fill in the Limit Search fields. You can specify the number of entries to return, the amount of time to allow the search, and the number of minutes before timeout.

NOTE: Make sure you EXIT and RESTART GWIA. GWIA will get a restart command, but it will not reread its configuration file (GWIA.CFG).
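
After the restart, an unauthenticated search should return only what the LDAP Public settings above are meant to expose. The following Python is an added example, not Novell code: it parses the LDIF saved from an anonymous search against GWIA and reports results over the entry limit, DNs outside the LDAP Context, and attributes beyond the chosen Visible Fields. The attribute names, the o=ExampleCo context and the sample LDIF are assumptions constructed for illustration.

```python
import base64

# Assumption: attribute names for the four Visible Fields; adjust to what your GWIA returns.
VISIBLE = {"First Name": "givenname", "Last Name": "sn",
           "Phone number": "telephonenumber", "E-mail address": "mail"}

# Constructed sample: LDIF as saved from an anonymous search against the GWIA.
SAMPLE_LDIF = """\
dn: cn=Ann Example,o=ExampleCo
givenName: Ann
sn: Example
mail: ann@example.com

dn: cn=Bob Sample,o=ExampleCo
givenName: Bob
sn:: U2FtcGxl
telephoneNumber: +1 555 0100
title: Payroll Mana
 ger
"""

def parse_ldif(text):
    """Return a list of {attribute: [values]} dicts, one per entry."""
    entries, cur = [], {}
    # "\n " marks a folded line; the trailing "" flushes the last entry.
    for line in text.replace("\n ", "").splitlines() + [""]:
        if not line.strip():
            if "dn" in cur:
                entries.append(cur)
            cur = {}
        elif not line.startswith("#") and ":" in line:
            attr, _, rest = line.partition(":")
            if rest.startswith(":"):           # "attr:: value" is base64-encoded
                rest = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
            cur.setdefault(attr.lower(), []).append(rest.strip())
    return entries

def audit(ldif_text, ldap_context, visible_fields, max_entries):
    """List where the search result exceeds the intended Public Access settings."""
    allowed = {VISIBLE[f] for f in visible_fields} | {"dn", "objectclass"}
    entries, findings = parse_ldif(ldif_text), []
    if len(entries) > max_entries:
        findings.append(f"{len(entries)} entries returned, limit is {max_entries}")
    suffix = ldap_context.replace(" ", "").lower()
    for e in entries:
        dn = e["dn"][0]
        if not dn.replace(" ", "").lower().endswith(suffix):
            findings.append(f"{dn}: outside LDAP Context {ldap_context!r}")
        findings += [f"{dn}: unexpected attribute {a!r}" for a in sorted(set(e) - allowed)]
    return findings
```

Calling audit(SAMPLE_LDIF, "o=ExampleCo", ["First Name", "Last Name", "E-mail address"], 100) flags the phone number and title returned for the second entry, because neither was meant to be visible.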

1. Select Edit > Preferences > expand Mail and Groups > Directory > New button > Add Directory Server.
2. "Description" = Anything you want
3. "LDAP Server" = DNS, hostname, or IP address of the server running GWIA
4. "Search Root" = Anything, but the entry must be the same as the "LDAP Context" field in GWIA. (Default is nothing.)

1. Select File > New Message > Mail > Choose Recipients > Find button > right click in Search window > Directory Services from pop up > Add button.
2. "Friendly Name" = Anything you want (General tab)
3. "Directory Service" = DNS, hostname, or IP address of the server running GWIA (General tab)
4. "Search Base for this Directory Service" = Anything, but the entry must be the same as the "LDAP Context" field in GWIA. (Default is c=US) (Advanced tab)
Note: If running IE 4.x, there is a field "This server requires me to log on". If this box is marked, searches will fail.

GroupWise is a server for LDAP: we push our address book out with GWIA. GWIA is not an LDAP client. This means that we cannot take LDAP information and put it into the GroupWise system.

Note: The post offices' visibility to each other has to be set to System for them to be seen.


Document Title: How to configure LDAP with GWIA
Document ID: 10007372
Solution ID: 1.0.1154070.2079871
Creation Date: 31Mar1999
Modified Date: 06Feb2003
Novell Product Class: Connectivity Products


The Origin of this information may be internal or external to Novell. Novell makes all reasonable efforts to verify this information. However, the information provided in this document is for your information only. Novell makes no explicit or implied claims to the validity of this information.
Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information.