Re: LDAP, SSL, Roaming Access.

[mcs@netscape.com (Mark C Smith)]

On 25 February 1999, Gerrit Thomson wrote:

> Hi,
>     I have roaming access currnetly running against secure ldap on a
> netsacpe directory server. Have also had both http and https against an
> apache server with mod_put and mod_ssl modules (not mod_dav yet ).
> 
> A technical/ philosophical problem wiht using the ldap service is that the
> client maintains a connection to the server. In a small organisation this
> would not be a problem as most ldap server are by derault configured to
> enable up to 2000 connection. In our organisation we are looking at
> approaching this limit and so would use the http/s version.

I asked some of the Communicator 4.5 developers about this, and they
said that they thought the client did time out the connection after a
while and disconnect.  Apparently there is a prefs.js setting called
li.server.ldap.idletimeoutms that you can set (in milliseconds) to
control the timeout delay.


> ...
> Another problem is the granulaity of the data being stored. The grouping
> together of the "user preferences" with "mail filters" and "address book"
> means that persons using a different proxy configuration loose their mail
> info.

A response on this one from our developers:

   To get around the proxy problems, create a user.js file in the
   same directory as the prefs.js.  In that file, set the proxy
   information to be 'local'.  You do this by saying
   localPref("pref_you_dont_want_to_transfer");  This way you can still
   transfer the prefs files, but keep certain attributes local.

Some additional information on these preferences can be found in this
tech note on our web site:

http://help.netscape.com/products/client/communicator/manual_roaming2.html

I hope this helps!

-------
Mark Smith
Directory Architect / Netscape Communications Corp.
My words are my own, not my employer's.  Got LDAP?