[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP, SSL, Roaming Access.

To: Mark C Smith <mcs@netscape.com>
Subject: Re: LDAP, SSL, Roaming Access.
From: "Michael R. Gettes" <gettes@Princeton.EDU>
Date: Fri, 26 Feb 1999 13:22:22 -0500
Cc: Gerrit Thomson <334647@swin.edu.au>, "C. R. Oldham" <cro@nca.asu.edu>, openldap-general@OpenLDAP.org
Organization: Princeton University, CIT, Collaboration Services Group
References: <36D6D4E5.7AC7B682@netscape.com>

The netscape documentation is not correct.  It says that Apache
does not support the HTTP MOVE method.  While this is true
with the base apache installation, there is an apache module which
enables MOVE and instructions that allow for getting the roaming
service to work with HTTP in a secure fashion (each roaming user,
if authenticated, cannot see another roaming user's preference store).
We use this at Princeton... works great!  Please note, we were unable
to make this work with Netscape Enterprise or Fasttrack servers,
even after calling support.

Will Communicator ever support https for roaming?

/mrg

Mark C Smith wrote:

> On 25 February 1999, Gerrit Thomson wrote:
>
> > Hi,
> >     I have roaming access currnetly running against secure ldap on a
> > netsacpe directory server. Have also had both http and https against an
> > apache server with mod_put and mod_ssl modules (not mod_dav yet ).
> >
> > A technical/ philosophical problem wiht using the ldap service is that the
> > client maintains a connection to the server. In a small organisation this
> > would not be a problem as most ldap server are by derault configured to
> > enable up to 2000 connection. In our organisation we are looking at
> > approaching this limit and so would use the http/s version.
>
> I asked some of the Communicator 4.5 developers about this, and they
> said that they thought the client did time out the connection after a
> while and disconnect.  Apparently there is a prefs.js setting called
> li.server.ldap.idletimeoutms that you can set (in milliseconds) to
> control the timeout delay.
>
> > ...
> > Another problem is the granulaity of the data being stored. The grouping
> > together of the "user preferences" with "mail filters" and "address book"
> > means that persons using a different proxy configuration loose their mail
> > info.
>
> A response on this one from our developers:
>
>    To get around the proxy problems, create a user.js file in the
>    same directory as the prefs.js.  In that file, set the proxy
>    information to be 'local'.  You do this by saying
>    localPref("pref_you_dont_want_to_transfer");  This way you can still
>    transfer the prefs files, but keep certain attributes local.
>
> Some additional information on these preferences can be found in this
> tech note on our web site:
>
> http://help.netscape.com/products/client/communicator/manual_roaming2.html
>
> I hope this helps!
>
> -------
> Mark Smith
> Directory Architect / Netscape Communications Corp.
> My words are my own, not my employer's.  Got LDAP?

Follow-Ups:
- Re: LDAP, SSL, Roaming Access.
  - From: mcs@netscape.com (Mark C Smith)

References:
- Re: LDAP, SSL, Roaming Access.
  - From: mcs@netscape.com (Mark C Smith)

Prev by Date: Re: LDAP, SSL, Roaming Access.
Next by Date: Re: LDAP, SSL, Roaming Access.
Index(es):
- Chronological
- Thread