
ROAMING on Netscape



I am currently investigating making use of Netscape Roaming using OpenLDAP 1.2.8 and a test database that uses port 390.
The PCs in my company are configured as Win95, Win2000 or WinNT.

I have followed "Configuring Netscape roaming with OpenLDAP", but when Netscape tries to connect to the Roaming Access Server I get the following:

The profile Antonin Novak requires a password (this is as expected, as this is the default logon on my PC). As I have not set up Antonin Novak in my test database, I key anything in, expecting a rejection, which I receive in the form of a message:
"An unexpected network error has occurred - Cannot access the Roaming Access Server".

I am then prompted to enter a password for my test user Romus Maximus. I key in his password but still get the Network error. If I monitor the connection between my PC and the LDAP server I see no traffic.

Can anyone guide me in the right direction?

I have the following configured.
ON NETSCAPE
User Name: cn=Romus Maximus, ou=People, dc=pokuscca.cz, dc=cz

Address: LDAP Server domain name:390

UserDN: nsLIProfileName=Romus Maximus, ou-Roaming, dc=pokuscca, dc=cz

IN LDAP

Slapd.conf
include /Zkousit/openldap-1.2.8/servers/slapd/slapd.at.conf
include /Zkousit/openldap-1.2.8/servers/slapd/slapd.oc.conf
include /Zkousit/openldap-1.2.8/servers/slapd/ns-mcd-li-schema.conf
schemacheck off
lastmod on
#referral ldap://root.openldap.org/

pidfile %LOCALSTATEDIR%/slapd.pid
argsfile %LOCALSTATEDIR%/slapd.args

########################################################
# ldbm database definitions
########################################################

database ldbm
suffix "dc=pokuscca, dc=cz"
rootdn "cn=pokusmanager, dc=pokuscca, dc=cz"
rootpw xxxx
directory /Zkousit/openldap-1.2.8/var/slapd
defaultaccess none
access to dn="*,dc=pokuscca,dc=cz"
    by self write
    by dn="cn=noc,dc=pokuscca,dc=cz" write
    by * read

access to dn=".*,ou=Roaming,dc=pokuscca,dc=cz"
    by dnattr=owner write
    by dn="cn=noc,dc=pokuscca,dc=cz" write

access to attr=userpassword
    by self write
    by dn="cn=noc,dc=pokuscca,dc=cz" write
    by * none

/Zkousit/openldap-1.2.8/servers/slapd/ns-mcd-li-schema.conf

## Originally from
## http://help.netscape.com/products/client/communicator/manual_roaming2.html
## Edited to work with OpenLDAP 1.2.5
#
# Netscape Mission Control Desktop Roaming Access schema
#
attribute nsLIPtrURL 2.16.840.1.113730.3.1.399 ces
attribute nsLIPrefs 2.16.840.1.113730.3.1.400 ces
attribute nsLIProfileName 2.16.840.1.113730.3.1.401 cis
attribute nsLIData 2.16.840.1.113730.3.1.402 bin
attribute nsLIElementType 2.16.840.1.113730.3.1.403 cis
attribute nsLIServerType 2.16.840.1.113730.3.1.404 cis
##attribute nsLIVersion 2.16.840.1.113730.3.1.405 integer
attribute nsLIVersion 2.16.840.1.113730.3.1.405 bin
attribute nsServerPort 2.16.840.1.113730.3.1.280 cis

objectclass nsLIPtr
## oid 2.16.840.1.113730.3.2.74
    requires
        objectclass
    allows
        nsLIPtrURL,
        owner

objectclass nsLIProfile
## oid 2.16.840.1.113730.3.2.75
    requires
        objectclass,
        nsLIProfileName
    allows
        nsLIPrefs,
        uid,
        owner

objectclass nsLIProfileElement
## oid 2.16.840.1.113730.3.2.76
    requires
        objectclass,
        nsLIElementType
    allows
        owner,
        nsLIData,
        nsLIVersion

objectclass nsLIServer
## oid 2.16.840.1.113730.3.2.77
    requires
        objectclass,
        serverhostname
    allows
        description,
        cn,
        nsServerPort,
        nsLIServerType,
        serverroot

Database entries

dn: ou=People, dc=pokuscca,dc=cz
objectclass: top
objectclass: organizationalUnit
ou: people

dn: cn=Romus Maximus, ou=People, dc=pokuscca,dc=cz
objectclass: top
objectclass: person
cn: Romus Maximus
sn: Maximus
userpassword: secret

dn: ou=Roaming, dc=pokuscca,dc=cz
objectclass: top
objectclass: organizationalUnit
ou: Roaming

dn: nsLIProfileName=Romus Maximus, ou=Roaming, dc=pokuscca,dc=cz
objectclass: top
objectclass: nsLIProfile
nsliprofilename: Romus Maximus
owner: cn=Romus Maximus, ou=People, dc=pokuscca,dc=cz

Another problem I may have with Roaming on Netscape is that our default server is NT; this server allows Eastern European characters, but LDAP does not accommodate these characters. The initial logon requests these Czech characters (e.g. Antonin Novak has a "long i" in Antonin). Does anyone know whether this will cause a major problem for us, or will I have to wait for LDAP v3?

I am looking at giving users the option of synchronising all their passwords based upon their mail server password. The mail server is on the same Unix machine as the LDAP server and, if I have configured it correctly, the Roaming Access Server. Has anyone any suggestions for how I can automatically change the userpassword for users on my LDAP and Roaming servers? (I think they are one and the same.)

Can anyone recommend a good manual/book that explains the full scope of what LDAP can do, with instructions on how to do it (in English)? I hopefully won't have to keep bothering you.

Hope that you can help.

Thanks

Tony
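
Added example (not part of the original post): a small Python check that compares the two DNs entered in the Netscape roaming settings with the suffix and database entries shown in the post. The function names are hypothetical, and DN parsing is simplified (it assumes no escaped or quoted commas).

```python
# Added example: compare the DNs typed into the Netscape client with what
# slapd serves. Assumption: simplified DNs, no escaped or quoted commas.

def parse_dn(dn):
    """Split a DN into normalized (attr, value) RDNs; ValueError if malformed."""
    rdns = []
    for part in dn.split(","):
        attr, sep, value = part.strip().partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError("malformed RDN %r" % part.strip())
        # Case-folded, inner whitespace collapsed (the attributes used are cis).
        rdns.append((attr.strip().lower(), " ".join(value.lower().split())))
    return rdns

def check_client_dn(label, dn, suffix, entries):
    """Return a list of problems found for one client-side DN."""
    try:
        rdns = parse_dn(dn)
    except ValueError as exc:
        return ["%s: %s" % (label, exc)]
    base = parse_dn(suffix)
    if rdns[-len(base):] != base:
        return ["%s: not under suffix %r" % (label, suffix)]
    if rdns not in [parse_dn(e) for e in entries]:
        return ["%s: no such entry in the database" % label]
    return []

# Values copied from the post above.
SUFFIX = "dc=pokuscca, dc=cz"
ENTRIES = [
    "ou=People, dc=pokuscca,dc=cz",
    "cn=Romus Maximus, ou=People, dc=pokuscca,dc=cz",
    "ou=Roaming, dc=pokuscca,dc=cz",
    "nsLIProfileName=Romus Maximus, ou=Roaming, dc=pokuscca,dc=cz",
]
CLIENT = {
    "User Name": "cn=Romus Maximus, ou=People, dc=pokuscca.cz, dc=cz",
    "UserDN": "nsLIProfileName=Romus Maximus, ou-Roaming, dc=pokuscca, dc=cz",
}

def run_checks():
    problems = []
    for label, dn in CLIENT.items():
        problems += check_client_dn(label, dn, SUFFIX, ENTRIES)
    return problems

if __name__ == "__main__":
    for line in run_checks():
        print(line)
```

With the values as posted, both client-side DNs are reported: one does not fall under the configured suffix and the other contains an RDN without an `=`.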