NOVELL TECHNICAL INFORMATION DOCUMENT TITLE: LDAP 1.03A patch README FOR: LDAP103A.EXE NOVELL PRODUCTS and VERSIONS: LDAP Services for NDS 1.0 ABSTRACT: This is a patch file must be applied on top of Novell's LDAP services for NDS 1.01. Do not install this patch until LDAP 1.01 has been installed. ----------------------------------------------------------------- DISCLAIMER THE ORIGIN OF THIS INFORMATION MAY BE INTERNAL OR EXTERNAL TO NOVELL. NOVELL MAKES EVERY EFFORT WITHIN ITS MEANS TO VERIFY THIS INFORMATION. HOWEVER, THE INFORMATION PROVIDED IN THIS DOCUMENT IS FOR YOUR INFORMATION ONLY. NOVELL MAKES NO EXPLICIT OR IMPLIED CLAIMS TO THE VALIDITY OF THIS INFORMATION. ----------------------------------------------------------------- ISSUE: INTRODUCTION LDAP Services for NDS publishes information stored in Novell Directory Services (NDS) to Lightweight Directory Access Protocol (LDAP) Clients. LDAP is a developing Internet protocol for accessing directory information such as user and host data. It is expected that LDAP client software will soon become a standard feature of Internet browsers and that LDAP will become the standard protocol for accessing directory information over the Internet. This release supports LDAP v2 and is based on the University of Michigan LDAP v3.3 distribution. APPLICATION NOTES To administer LDAP Services for NDS, you must use NetWare Administrator V4.11 or later or NetWare Administrator NT. Both are available from Novell's world-wide web site, www.novell.com. (Since the actual links may change, they have not been included in this readme.) After you update an LDAP Services for NDS server from v1.01 to v1.03a, you must unload and reload the NLDAP NLM to begin using the new NLM. Check the console screen to verify that this patch installation successfully unloaded and reloaded it. LDAP Services for NDS is preconfigured to map a subset of LDAP classes and attributes to a subset of NDS classes and attributes. Because of differences in the LDAP and NDS schemas, many supported LDAP and NDS classes and attributes are not mapped in the default configuration. You should examine the class and attribute mappings and reconfigure as needed. For example, if you want to add users to NDS with the SWIX client, you should add the following mappings to the class map list in the LDAP Group object: * quipuObject -> User * pilotObject -> User KNOWN PROBLEMS When configuring the Suffix attribute of the LDAP Group object, you should delete the old suffix before using the Browse button to select a new suffix. If you do not delete the old suffix first, multiple suffix entries are created. This release does not support connectionless LDAP requests. Although you can use NetWare Administrator to configure the UDP Port attribute on the LDAP Server object, this attribute is provided to support connectionless LDAP and is not operational in this release. BUG FIXES Fixed in v1.01 Fixed --Some LDAP clients send redundant attribute data to the server during Add requests. This redundant attribute data is rejected by the server and the Add request fails. This occurs when the Add request includes both the fully distinquished name and a naming attribute. For example, this occurs when both the common name for the new object and the fully distinguished name are included in an Add request. Fixed --When searching many objects, the response can contain what appears to be duplicate objects. In this situation, the attribute data for a single object is divided between the two instances of the object. Fixed --When an LDAP client is used to create a Directory object, the object name is created with lowercase letters. Fixed --When NetWare Administrator encounters an error while saving the LDAP Services for NDS configuration, it does not display a message. Fixed in v1.03a Fixed --Improper conversion of binary LDAP attribute values into NDS octet strings. Fixed --Connections prematurely terminated by the server when an LDAP request spans multiple TCP/IP packets. Fixed --When a distinguished name is not valid, server abends as it tries to determine which portion of the distinguished name is valid. Fixed --Connections are closed improperly when the client terminates the connection directly from TCP/IP rather than through the LDAP unbind request. Fixed --When the client is the only connection being serviced by the LDAP server and has previously reduced the flow of data in the TCP/IP connection to the server, the server does not reliably return responses to the client. Fixed --When a search is performed against a DS tree with multiple partitions and the last partition searched does not contain any matching entries, the server does not return all the entries found on the other partitions. Self-Extracting File Name: ldap103a.exe Files Included Size Date Time ..\ LDAP103A.TXT (This file) LDAP103A.IPS 1866 9-5-97 5:23:40 pm LDAP103A.TXT 6418 9-5-97 5:24:24 pm ..\ETC\ NLDAP.CFG 2414 11-26-96 7:24:58 pm ..\SYSTEM\ NLDAP.NLM 151160 6-2-97 10:03:28 pm Installation Instructions: 1. Copy the self-extracting patch file to a temporary directory on the file server. Example: SYS:\TEMP 2. Run the self-extracting executeable to extract the patch file(s), documentation and installation script. 3. Load INSTALL on the server. 4. Select "Product options". 5. Select "Install a product not listed". 6. Select and enter the path where you extracted the patch file. Example: SYS:\TEMP 7. Follow the instructions displayed. Note: This installation will make a backup of the file(s) it will replace. To back-off this patch, copy the file(s) from the backup directory created during the installation to their proper location(s), unload, and reload the replaced modules. ----------------------------------------------------------------- Any trademarks referenced in this document are the property of their respective owners. Consult your product manuals for complete trademark information. -----------------------------------------------------------------