Article

(View Disclaimer)

Introduction
Adding Notes Servers to the Proxy
Configuring Your Web Page
Testing

Introduction

Using Novell Access Manager for corporate email from outside the company is an simple and effective solution. Most email systems, such as GroupWise and Lotus Notes, allow users to access their email from a web-based front end. The problem with Notes is that you have to know what Notes server your mailbox resides on and then authenticate to that specific server. If you have three Notes servers, you don't want three mail icons on your home page for users to choose from.

This AppNote explains a way to configure both Novell Access Manager and your home page to do the following things:

• Perform an LDAP search, using PHP, to determine on which Notes server the current logged in user resides.
• Present only a single email icon.

I used the Digital Airlines example that comes with Novell Access Manager 3 for ease of use.

Prerequisites:

• Novell Access Manager 3 - installed and configured
• PHP Mod for Apache installed on Web Host Server
• LDAP enabled on Domino servers
• Ensure that the "mailserver" LDAP attribute is enabled for queries on Domino. See this link for steps:
  http://www.ibm.com/developerworks/lotus/library/lwp-nd/index.html

Adding Notes Servers to the Proxy

We'll start by adding the additional Notes servers to the proxy.

1. Log in to the Administration Console and select Access Gateways.

Click to view.

Figure 1

Figure 1 - Access Gateways screen

2. Click Edit.

3. Click the Reverse Proxy you configured previously.

Click to view.

Figure 2

Figure 2 - Proxy Service list

4. Click New.

5. Add the additional Proxy Services, using the settings shown.

Click to view.

Figure 3

Figure 3 - Settings for additional proxy services

6. Click OK and select the newly created proxy service.

7. Enable the default Identity Injection policy to ensure that your login name to NAM is passed to the Web Server.

Click to view.

Figure 4

Figure 4 - Enabling the Identity Injection policy

8. Save and update your Access Gateway.

Configuring Your Web Page

1. Copy the file "functions.php" (at the end of this document) to /srv/www/htdocs/ on your Web server.

2. Open /srv/www/htdocs/index.php in your favorite editor and scroll down to the following section:

$headers = apache_request_headers();
foreach($headers as $header => $value)
{
	$found = false;
	if($header == "X-Name")
  {
		$found = true;
		echo "<b>Welcome: $value</b>";
  }
}

3. After the above "}" insert the following code:

$qry1 = $value . '@mydomain.com';
$server = 'ldap://192.168.1.55';
$user='cn=<ldapusername>';
$pass='<password>';
include ('functions.php');
$ds=LDAPConn_Bind($server,389,$user,$pass);
$rs=LDAPGetUser($ds, $qry1);

$dom1 = "notes1";
$dom2 = "notes2";
$dom3 = "notes3";

4. Make sure that the "?>" is AFTER the inserted code. This tells the browser that the section of PHP code is complete.

5. Now scroll down further to the line that displays the email link.

<td><a href="/webacc" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('Image13','','images/email_on.gif',1)">
<img src="images/email.gif" name="Image13" width="196" height="86" border="0"></a></td>

6. Change the coding to reflect what is shown below.

<?php
  if(stristr($rs, $dom1)) {
    $notes_server = $dom1;
  }  elseif(stristr($r, $dom2)) {
    $notes_server = $dom2;
  }  elseif(stristr($r, $dom3)) {
    $notes_server = $dom3;
  }
  switch($notes_server) {
  case "notes1":
    echo "<a href=\"/webacc\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes2":
    echo "<a href=\"/webacc2\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes3":
    echo "<a href=\"/webacc3\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  }
?>

This will also add the additional links for the other Notes servers.

7. Save the file and exit.

8. Remember to log back into the Administration Console and Purge the Cache on the Access Gateway.

Testing

1. Log in into the Access Gateway as normal.

Click to view.

Figure 5

Figure 5 - Access Gateway

You'll see your Default page:

Click to view.

Figure 1

Figure 6 - Default page

2. Click the Corporate Mail button.

< Click to view. Figure 7

Figure 7 - Corporate Mail login for Notes Server

There it is!

3. Log in to your Notes Server.

Here is the code for Functions.php ...

<?php

function LDAPConn_Bind($srv, $port, $LDAPUser, $LDAPPass)
{
	global $LDAPConn, $LDAPUser, $LDAPPass;

	$conn=ldap_connect($srv, $port);
	if (!$conn)
	{
		die("Failed LDAP_Connect.<br />");
	}


	ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
	$r=@ldap_bind($conn, $LDAPUser, $LDAPPass);
	if (!$r)
	{
		echo "LDAP Error: ", ldap_error($conn), "<br />\n";
		return false;
	}
	$LDAPConn = $conn;
	return $conn;
}

function LDAPGetUser($conn, $qry1)
{
	if (empty($conn)) return 2;
	$attrnames = array("mail", "mailserver");

	$sr=ldap_search($conn, "o=[BASE DN]", "(mail=$qry1)");
	$entries = ldap_get_entries($conn, $sr);
	for ($i=0; $i < $entries["count"]; $i++)
  	{	

		$mailserv = $entries[$i]["mailserver"][0];

  	}

	ldap_close($conn);
	return $mailserv;
}

Disclaimer: As with everything else at Cool Solutions, this content is definitely not supported by Novell (so don't even think of calling Support if you try something and it blows up).

It was contributed by a community member and is published "as is." It seems to have worked for at least one person, and might work for you. But please be sure to test, test, test before you do anything drastic with it.