| Before attempting an SSL connection to an NDS directory with an LDAP
client application, you must perform six steps:
- Download and install this example application project directory from the
above link
- Download and install Novell's Win32 LDAP C SDK. Installs providing Novell's
LDAP SDKs for C are available for free on:
http://developer.novell.com/ndk/ldap-index.htm.
- An LDAP program will need to load certain DLLs in the SDK in order to
access NDS. Copy the Ldapsdk, Ldapssl, Ldapx, and nssl DLLs from the SDK's Bin
directory into the directory that will contain the executable requiring NDS
access, if you have one (OrgChart or OrgBuilder for example). This way, the
executable can find and load the SDK DLLs when it is run.
- Install the latest version of Novell's cryptographic support modules for
Windows clients from http://www.novell.com/products/cryptography.
- From the NWAdmin or ConsoleOne application, use NDS security objects to
create and export a server certificate .der file from the NetWare server you
will be using to host LDAP.
- Copy the certificate file (.der) into the directory that will contain your
LDAP executable code. This makes it possible for the executable to find and
open the certificate file when it is run.
Notes: For information about how certificates are used to
establish a secure connection between the client and the NDS directory server,
refer to How client applications connect to LDAP
Services for NDS
For help in performing steps 4-7 to enable your app to find and use your
server's certificate, see
Configuring LDAP
Services for NDS.
Currently, unless the "Allow Clear Text Passwords" selection is
checked in the LDAP Group object in the target tree, the LDAP Services for NDS
NLM will reject any attempt to authenticate over a non-SSL connection and
default to an unauthenticated bind, (public access only).
|
