Creating & Configuring LDAP Server and Group objects in eDirectory

  • 3613334
  • 15-Mar-2007
  • 30-Apr-2013

Environment

Novell eDirectory 8.7.1
Novell eDirectory 8.7.3
Novell eDirectory any version

Situation

To initialize LDAP on a server, both the LDAP Server object and the LDAP Group object must be created and properly configured. Otherwise the LDAP initialization will fail. This applies to Novell eDirectory 8.6 and 8.7 for all platforms.

The steps below show how to create these objects and how to make the necessary configurations.
Formerly known as TID 10081276

Resolution

Create an LDAP Server object.

  1. Create a new object of type LDAP Server in the same context as the server object.
  2. Name it whatever you want. The convention is 'LDAP Server - SERVERNAME' (where SERVERNAME is the name of your server where LDAP will run).

Create an LDAP Group object.

  1. Create a new object of type LDAP Group in the same context as the server object.
  2. Name the Group object whatever you want. The convention is 'LDAP Group - SERVERNAME'.

Configure the LDAP Server object.

  1. Go to the properties of the newly created LDAP Server object.
  2. On the General tab in the Host Server field, browse to the server SERVERNAME and verify the results.
  3. Check the following attributes on the LDAP Server object.
       • General tab - LDAP group is configured.
       • SSL/TLS Configuration tab - TLS (SSL) port is 636. Disable SSL port is not checked. Server Certificate is configured. (This should be configured with one of the certificates like SSL CertificateDNS.)
       • Other tab - Verify the ldapConfigVersion attribute value is 8. (eDirectory 8.7.3)
       • Other tab - Verify the ldapConfigVersion attribute value is 7. (eDirectory 8.7.1)
 
Configure the LDAP Group object.

Check the following attributes on the LDAP Group object.

  • Server list tab - The LDAP server object is in the LDAP server list.
  • Other tab - Make sure the ldapConfigVersion attribute has the proper value. For eDir 8.7.1 the value should be 7. For eDir 8.7.1.1 the value should be 8.
  • Other tab - Verify the ldapConfigVersion attribute value is 8. (eDirectory 8.7.3)
  • Other tab - Verify the ldapConfigVersion attribute value is 7. (eDirectory 8.7.1)

For a Windows 2000 server running Active Directory and eDirectory:

  1. On the General tab, change the LDAP port to something other than 389, as Active Directory uses 389. Port 390 is recommended unless another application is using that port.
  2. On the SSL Configuration tab, change the SSL port to something other than 636, as Active Directory uses 636. Port 637 is recommended unless another application is using that port.

Assigning Rights

  1. Under NDS Rights, add the SERVERNAME server as a trustee and assign it Supervisor rights.
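
The checks from the configuration steps above can be run against a recorded copy of the two objects' settings. The following is an added example, not part of the original TID or any Novell tooling. The dictionary keys are hypothetical labels for the GUI fields (only ldapConfigVersion is a name taken from this page), and the sample values are constructed.

```python
# Added example. Dictionary keys are hypothetical labels for the GUI fields,
# not eDirectory schema names; only ldapConfigVersion comes from the article.
EXPECTED_CONFIG_VERSION = {"8.7.1": 7, "8.7.3": 8}  # values listed in the article
AD_PORTS = {389, 636}  # ports Active Directory uses on a shared host


def check_ldap_objects(server, group, edir_version, shares_host_with_ad=False):
    """Return a list of findings; an empty list means the checklist passes."""
    findings = []
    if not server.get("host_server"):
        findings.append("LDAP Server: Host Server is not set")
    if not server.get("ldap_group") or server.get("ldap_group") != group.get("dn"):
        findings.append("LDAP Server: LDAP group is not this LDAP Group object")
    if server.get("dn") not in group.get("server_list", []):
        findings.append("LDAP Group: LDAP Server object is not in the server list")
    if server.get("disable_ssl_port"):
        findings.append("LDAP Server: 'Disable SSL port' is checked")
    if not server.get("server_certificate"):
        findings.append("LDAP Server: no Server Certificate configured")

    if shares_host_with_ad:
        # Active Directory already owns 389 and 636 on this host.
        for name in ("ldap_port", "tls_port"):
            if server.get(name) in AD_PORTS:
                findings.append(f"LDAP Server: {name} {server[name]} collides with Active Directory")
    elif server.get("tls_port") != 636:
        findings.append(f"LDAP Server: tls_port is {server.get('tls_port')}, expected 636")

    expected = EXPECTED_CONFIG_VERSION.get(edir_version)
    if expected is None:
        findings.append(f"no ldapConfigVersion listed for eDirectory {edir_version}")
    else:
        for label, obj in (("LDAP Server", server), ("LDAP Group", group)):
            if obj.get("ldapConfigVersion") != expected:
                findings.append(f"{label}: ldapConfigVersion is {obj.get('ldapConfigVersion')}, expected {expected}")
    return findings


# Constructed sample: eDirectory 8.7.3 on a Windows 2000 server that also runs AD.
SAMPLE_GROUP = {"dn": "cn=LDAP Group - SRV1,o=example",
                "server_list": ["cn=LDAP Server - SRV1,o=example"],
                "ldapConfigVersion": 8}
SAMPLE_SERVER = {"dn": "cn=LDAP Server - SRV1,o=example", "host_server": "cn=SRV1,o=example",
                 "ldap_group": SAMPLE_GROUP["dn"], "ldap_port": 389, "tls_port": 637,
                 "disable_ssl_port": False, "server_certificate": "SSL CertificateDNS",
                 "ldapConfigVersion": 7}

if __name__ == "__main__":
    for finding in check_ldap_objects(SAMPLE_SERVER, SAMPLE_GROUP, "8.7.3", shares_host_with_ad=True):
        print(finding)
```

The sample deliberately leaves the LDAP port at 389 and the server's ldapConfigVersion at 7, so both are reported.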