Lotus Notes Redirection on Novell Access Manager Using PHP and LDAP

Lotus Notes Redirection on Novell Access Manager Using PHP and LDAP

Introduction

Adding Notes Servers to the Proxy

Configuring Your Web Page

Testing



Introduction



Using Novell Access Manager for corporate email from outside the company is an simple and effective solution. Most email systems, such as GroupWise and Lotus Notes, allow users to access their email from a web-based front end. The problem with Notes is that you have to know what Notes server your mailbox resides on and then authenticate to that specific server. If you have three Notes servers, you don't want three mail icons on your home page for users to choose from.



This AppNote explains a way to configure both Novell Access Manager and your home page to do the following things:



  • Perform an LDAP search, using PHP, to determine on which Notes server the current logged in user resides.

  • Present only a single email icon.


I used the Digital Airlines example that comes with Novell Access Manager 3 for ease of use.



Prerequisites:





Adding Notes Servers to the Proxy



We'll start by adding the additional Notes servers to the proxy.



1. Log in to the Administration Console and select Access Gateways.







Click to view.


Figure 1




Figure 1 - Access Gateways screen



2. Click Edit.



3. Click the Reverse Proxy you configured previously.







Click to view.


Figure 2




Figure 2 - Proxy Service list



4. Click New.



5. Add the additional Proxy Services, using the settings shown.







Click to view.


Figure 3




Figure 3 - Settings for additional proxy services



6. Click OK and select the newly created proxy service.



7. Enable the default Identity Injection policy to ensure that your login name to NAM is passed to the Web Server.







Click to view.


Figure 4




Figure 4 - Enabling the Identity Injection policy



8. Save and update your Access Gateway.



Configuring Your Web Page



1. Copy the file "functions.php" (at the end of this document) to /srv/www/htdocs/ on your Web server.



2. Open /srv/www/htdocs/index.php in your favorite editor and scroll down to the following section:



$headers = apache_request_headers();
foreach($headers as $header => $value)
{
$found = false;
if($header == "X-Name")
{
$found = true;
echo "<b>Welcome: $value</b>";
}
}


3. After the above "}" insert the following code:



$qry1 = $value . '@mydomain.com';
$server = 'ldap://192.168.1.55';
$user='cn=<ldapusername>';
$pass='<password>';
include ('functions.php');
$ds=LDAPConn_Bind($server,389,$user,$pass);
$rs=LDAPGetUser($ds, $qry1);

$dom1 = "notes1";
$dom2 = "notes2";
$dom3 = "notes3";


4. Make sure that the "?>" is AFTER the inserted code. This tells the browser that the section of PHP code is complete.



5. Now scroll down further to the line that displays the email link.



<td><a href="/webacc" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('Image13','','images/email_on.gif',1)">
<img src="images/email.gif" name="Image13" width="196" height="86" border="0"></a></td>



6. Change the coding to reflect what is shown below.



<?php
  if(stristr($rs, $dom1)) {
    $notes_server = $dom1;
  }  elseif(stristr($r, $dom2)) {
    $notes_server = $dom2;
  }  elseif(stristr($r, $dom3)) {
    $notes_server = $dom3;
  }
  switch($notes_server) {
  case "notes1":
    echo "<a href=\"/webacc\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes2":
    echo "<a href=\"/webacc2\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes3":
    echo "<a href=\"/webacc3\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  }
?>



This will also add the additional links for the other Notes servers.



7. Save the file and exit.



8. Remember to log back into the Administration Console and Purge the Cache on the Access Gateway.



Testing



1. Log in into the Access Gateway as normal.







Click to view.


Figure 5




Figure 5 - Access Gateway



You'll see your Default page:







Click to view.


Figure 1




Figure 6 - Default page



2. Click the Corporate Mail button.





<




Click to view.


Figure 7




Figure 7 - Corporate Mail login for Notes Server



There it is!



3. Log in to your Notes Server.



Here is the code for Functions.php ...



<?php

function LDAPConn_Bind($srv, $port, $LDAPUser, $LDAPPass)
{
global $LDAPConn, $LDAPUser, $LDAPPass;

$conn=ldap_connect($srv, $port);
if (!$conn)
{
die("Failed LDAP_Connect.<br />");
}


ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
$r=@ldap_bind($conn, $LDAPUser, $LDAPPass);
if (!$r)
{
echo "LDAP Error: ", ldap_error($conn), "<br />\n";
return false;
}
$LDAPConn = $conn;
return $conn;
}

function LDAPGetUser($conn, $qry1)
{
if (empty($conn)) return 2;
$attrnames = array("mail", "mailserver");

$sr=ldap_search($conn, "o=[BASE DN]", "(mail=$qry1)");
$entries = ldap_get_entries($conn, $sr);
for ($i=0; $i < $entries["count"]; $i++)
{

$mailserv = $entries[$i]["mailserver"][0];

}

ldap_close($conn);
return $mailserv;
}

Labels (1)

DISCLAIMER:

Some content on Community Tips & Information pages is not officially supported by Micro Focus. Please refer to our Terms of Use for more detail.
Top Contributors
Version history
Revision #:
3 of 3
Last update:
‎2020-01-31 22:09
Updated by:
 
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.