Anonymous_User Absent Member.
Absent Member.
847 views

LDAP Help Please

We are going to have an outside vendor spam filter our email and want
them to LDAP query our system so that they recognize our valid GroupWise
email addresses. A Novell technician that assists us, believes that we
want the vendor's LDAP query to query off our GWIA (not eDIR) so that
they can recognize all the types of GroupWise accounts (external
entities, nicknames, aliases, dist lists, resources, etc.). Therefore, he
believes the LDAP should be enabled on the GWIA instead of the NLDAP.NLM
option on the server.

Can someone verify this is accurate? Also, we are trying to figure out
what info (what LDAP fields do we tell them to query) so they see the
info accurately? We have provided them with the root of our tree, but
they do not seem to be seeing all of the GroupWise accounts.

It is very difficult to find any info in the Novell TIDs that go into
enough detail.
Labels (1)
0 Likes
2 Replies
Anonymous_User Absent Member.
Absent Member.

Re: LDAP Help Please

You can try several things:
1. query "cn" at the O level, but that will return all CNs regardless of e-mail account or not
2. query "email" at the O level. I'm not sure if this is the correct object identifier for LDAP - I'm researching this for something I need here.
3. enable ldap on the GWIA. Enable the LDAP service on the LDAP tab, then go to the LDAP tab and type in the context such as O=MYTREE

>>> <lbinner@jjkeller.com> 3/18/2007 10:41 PM >>>

We are going to have an outside vendor spam filter our email and want
them to LDAP query our system so that they recognize our valid GroupWise
email addresses. A Novell technician that assists us, believes that we
want the vendor's LDAP query to query off our GWIA (not eDIR) so that
they can recognize all the types of GroupWise accounts (external
entities, nicknames, aliases, dist lists, resources, etc.). Therefore, he
believes the LDAP should be enabled on the GWIA instead of the NLDAP.NLM
option on the server.

Can someone verify this is accurate? Also, we are trying to figure out
what info (what LDAP fields do we tell them to query) so they see the
info accurately? We have provided them with the root of our tree, but
they do not seem to be seeing all of the GroupWise accounts.

It is very difficult to find any info in the Novell TIDs that go into
enough detail.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: LDAP Help Please

Well, what's strange is that we had LDAP enabled at the GWIA and our spam
filtering vendor was using LDAP the past couple years to know about all
our GWise accts so we can avoid the spam dictionary attacks. Besides all
the "regular" email addresses, they were also successfully seeing all our
nicknames, aliases, etc. Now, since we upgraded from 6.5 to 7.01 IR1 I
can't get a test ldap query batch file to work that one of my Novell
technician's wrote so I could check that LDAP is working from time to
time. We get a LDAP-BIND: Protocol error when we try to run it.If I
unload LDAP at the GWIA and load nldap instead, the batch test file runs,
but I don't believe I get all the groupwise info that a vendor would need
to do this. Also, appears any new nicknames I've created since the
upgrade to GW701IR1 are no longer recognized by our current spam
filtering provider, however the existing nicknames before the ugprade are
recognized.

> You can try several things:
> 1. query "cn" at the O level, but that will return all CNs regardless

of =
> e-mail account or not
> 2. query "email" at the O level. I'm not sure if this is the correct =
> object identifier for LDAP - I'm researching this for something I need =
> here.
> 3. enable ldap on the GWIA. Enable the LDAP service on the LDAP tab, =
> then go to the LDAP tab and type in the context such as O=3DMYTREE
>
> >>> <lbinner@jjkeller.com> 3/18/2007 10:41 PM >>>

> We are going to have an outside vendor spam filter our email and want=20
> them to LDAP query our system so that they recognize our valid

GroupWise=20=
>
> email addresses. A Novell technician that assists us, believes that

we=20
> want the vendor's LDAP query to query off our GWIA (not eDIR) so that=20
> they can recognize all the types of GroupWise accounts (external=20
> entities, nicknames, aliases, dist lists, resources, etc.). Therefore, =
> he=20
> believes the LDAP should be enabled on the GWIA instead of the

NLDAP.NLM=20=
>
> option on the server.
>
> Can someone verify this is accurate? Also, we are trying to figure

out=20
> what info (what LDAP fields do we tell them to query) so they see the=20
> info accurately? We have provided them with the root of our tree, but=20
> they do not seem to be seeing all of the GroupWise accounts.
>
> It is very difficult to find any info in the Novell TIDs that go into=20
> enough detail.
>


0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.