> Problem solved. Apparently the new Iplanet 4.1 webserver can only do > LDAP v3. The older web servers can do LDAP v2 and v3. So, the new > servers have less functionality. > Netscape/Iplanet fails to mention this in any of their documentation, > but that's how they make their money (when someone has to call their > support and pay $150 for a support incident, where the solution is a > failure on their part to mention information in their documentation, > or failure to mention a bug. I had them pull this on me > a couple years ago as well. I was trying to get the 'search' > functionality enabled, which was part of 'web publishing'. There > is/was a bug in permissions issues where I had to chown/chmod a bunch > of files for it to work, as instructed by the tech support guy. Did you finally get it to work the way you needed it to work? I have a similar issue. I needed to connect NES to Exchange 5.5 LDAP for an authentication source for a special web page and could not get anywhere with it. Finally after calling Netscape (iPlanet) I was told that it will not work and that I needed to buy Netscape Directory Server to run on an NT server and run the NDS sync service on my PDC. Netscape's own documentation says that NES is Active Directory ready, but I needed a solution. Not wanting to buy NDS (Netscape Directory Server) or any other third party meta-directory and not wanting to run a service on our PDC that would become unsupported as soon as we upgrade to active directory. Netscape claims to only support NDS and its sync service on NT4. Yes, yes we tried it and it does work on NT5 (WIN2K) server, but where I work we do not run unsupported software. I finally would up making a web page that asks for the user's LAN credentials then passes that to a perl script that uses perl LDAP to bind the user to Exchange and retrieve some info and then uses a directory manager account to push that info into NDS on our AIX web server to pre-populate the user's credentials into NDS LDAP on AIX. This all works, but is a bit of a kludge and we cannot successfully hand the user off to the web page on the AIX server without them getting a prompt to login from NES. Of course since their credentials are pre-populated they can go ahead and login no problem. I've been trying to find the Netscape::Server perl module which may help, but have not found it yet. In trying to get NES to talk to exchange I went into the global settings and put my LDAPified version of my LAN credentials in and there was no complaint from NES, but no one could login to the web server to view the web pages. I did previously get it to work against Novell NDS via LDAP on a NW5 server, but we are moving away from Novell NOS so I want it to work with exchange. with Novell NES did require a proxy account that permitted clear text authentication. Maybe I need to some how set an exchange account up as a proxy with clear text passwords, but I don't know if this can be done or how to do it. Anyway, to make a long story short. Did you get yours working? Se le vie, BL
