[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: schema for netscape roaming server

To: "GOMBAS Gabor" <gombasg@inf.elte.hu>, <openldap-software@OpenLDAP.org>
Subject: RE: schema for netscape roaming server
From: "Michael Clark" <michael@metaparadigm.com>
Date: Sun, 25 Mar 2001 09:07:10 +0800
Importance: Normal
In-reply-to: <20010323174114.W76776@pandora.inf.elte.hu>

I'm using it, works great for me - everything I've tried works including
bookmarks, although I haven't tried Java Security or certificates.

I'm using a slightly different directory layout than the document at the link
mentioned suggests. ie.

Netscape Roaming Settings
Address:
ldap://myserver.com/nsLIProfilename=default,uid=$USERID,dc=metaparadigm,dc=com
User DN: uid=$USERID,dc=metaparadigm,dc=com

This is slightly simpler as the Netscape Roaming profile is now a child of the
user rather than in a seperate roaming tree. With this layout, I can have
multiple roaming profiles for a user. Also using the $USERID substitution, I can
do guest logins without needing to change roaming preferences on the browser.

As I remember, I just needed to add a objectclass: nsLIProfile to the user to
allow the profile as a child - then I added this to my user:

dn: nsLIProfileName=default,uid=some_user,dc=metaparadigm,dc=com
objectclass: top
objectclass: nsLIProfile
nsLIProfileName: default
owner: uid=some_user,dc=metaparadigm,dc=com

The reason I made the profile a child of the user was so I could get a 'by self
write' ACL working for profile updates although it didn't seem to work. Netscape
seems to do some funny stuff with authentication so you must have the ACL setup
right as it doesn't seem be bound as the user when doing the directory updates.
This works for me:

access to dn=".*,nsLIProfilename=.*,uid=.*,dc=metaparadigm,dc=com"
        by dnattr=owner write

~mc

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of GOMBAS Gabor
> Sent: Saturday, 24 March 2001 12:41 a.m.
> To: openldap-software@OpenLDAP.org
> Subject: Re: schema for netscape roaming server
>
>
> On Fri, Mar 23, 2001 at 02:48:03PM +0000, Konstantin Chuguev wrote:
>
> > I think that's what you need:
> >
> http://home.kabelfoon.nl/~hvdkooij/Netscape_and_OpenLDAP_v2/netscape-a
> nd-openldap-v2.html
>
> Is anybody using it? When I tried to play with it last year, I was not able
> to store my bookmarks in LDAP since slapd rejected the update because of
> bad attribute syntax. I had no time to debug it since then...
>
> Gabor
>
> --
> Gabor Gombas                                       Eotvos Lorand University
> E-mail: gombasg@inf.elte.hu                        Hungary
>
>

Follow-Ups:
- Re: schema for netscape roaming server
  - From: prune <prune@lecentre.net>
- Re: schema for netscape roaming server
  - From: prune <prune@lecentre.net>

References:
- Re: schema for netscape roaming server
  - From: GOMBAS Gabor <gombasg@inf.elte.hu>

Prev by Date: Re: schema for netscape roaming server
Next by Date: Is update possible?
Index(es):
- Chronological
- Thread