Lotus Notes Redirection on Novell Access Manager Using PHP and LDAP

Novell Cool Solutions: AppNote
By Michael Faris

Posted: 12 Sep 2007
 

Introduction
Adding Notes Servers to the Proxy
Configuring Your Web Page
Testing

Introduction

Using Novell Access Manager for corporate email from outside the company is a simple and effective solution. Most email systems, such as GroupWise and Lotus Notes, allow users to access their email from a web-based front end. The problem with Notes is that you have to know which Notes server your mailbox resides on and then authenticate to that specific server. If you have three Notes servers, you don't want three mail icons on your home page for users to choose from.

This AppNote explains a way to configure both Novell Access Manager and your home page to do the following things:

  • Perform an LDAP search, using PHP, to determine on which Notes server the currently logged-in user resides.
  • Present only a single email icon.

I used the Digital Airlines example that comes with Novell Access Manager 3 for ease of use.

Prerequisites:

Adding Notes Servers to the Proxy

We'll start by adding the additional Notes servers to the proxy.

1. Log in to the Administration Console and select Access Gateways.

Figure 1 - Access Gateways screen

2. Click Edit.

3. Click the Reverse Proxy you configured previously.

Figure 2 - Proxy Service list

4. Click New.

5. Add the additional Proxy Services, using the settings shown.

Figure 3 - Settings for additional proxy services

6. Click OK and select the newly created proxy service.

7. Enable the default Identity Injection policy to ensure that your login name to NAM is passed to the Web Server.

Figure 4 - Enabling the Identity Injection policy

8. Save and update your Access Gateway.

Configuring Your Web Page

1. Copy the file "functions.php" (at the end of this document) to /srv/www/htdocs/ on your Web server.

2. Open /srv/www/htdocs/index.php in your favorite editor and scroll down to the following section:

$headers = apache_request_headers();
foreach($headers as $header => $value)
{
	$found = false;
	if($header == "X-Name")
  {
		$found = true;
		echo "<b>Welcome: $value</b>";
  }
}

3. After the above "}" insert the following code:

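// Read the injected X-Name header by key: once the loop above has finished,
// $value holds only the last header that was read.
$qry1 = (isset($headers['X-Name']) ? $headers['X-Name'] : '') . '@mydomain.com';
$server = 'ldap://192.168.1.55';
// Service account used for the lookup bind.
$user='cn=<ldapusername>';
$pass='<password>';
include ('functions.php');
$ds=LDAPConn_Bind($server,389,$user,$pass);
// $rs receives the user's mailserver attribute.
$rs=LDAPGetUser($ds, $qry1);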

$dom1 = "notes1";
$dom2 = "notes2";
$dom3 = "notes3";

4. Make sure that the "?>" is AFTER the inserted code. This tells the browser that the section of PHP code is complete.

5. Now scroll down further to the line that displays the email link.

<td><a href="/webacc" onMouseOut="MM_swapImgRestore()" onMouseOver="MM_swapImage('Image13','','images/email_on.gif',1)">
<img src="images/email.gif" name="Image13" width="196" height="86" border="0"></a></td>

6. Change the coding to reflect what is shown below.

<?php
  // Pick the Notes server whose name appears in the mailserver value held in $rs.
  $notes_server = "";
  if(stristr($rs, $dom1)) {
    $notes_server = $dom1;
  }  elseif(stristr($rs, $dom2)) {
    $notes_server = $dom2;
  }  elseif(stristr($rs, $dom3)) {
    $notes_server = $dom3;
  }
  // Emit the mail link that points at the proxy path for that server.
  switch($notes_server) {
  case "notes1":
    echo "<a href=\"/webacc\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes2":
    echo "<a href=\"/webacc2\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  case "notes3":
    echo "<a href=\"/webacc3\" ><img src=\"images/email.gif\" name=\"Image13\" width=\"196\" height=\"61\" border=\"0\"></a></td>";
    break;
  }
?>

This will also add the additional links for the other Notes servers.

7. Save the file and exit.

8. Remember to log back into the Administration Console and Purge the Cache on the Access Gateway.

Testing

1. Log in to the Access Gateway as normal.

Figure 5 - Access Gateway

You'll see your Default page:

Figure 6 - Default page

2. Click the Corporate Mail button.

Figure 7 - Corporate Mail login for Notes Server

There it is!

3. Log in to your Notes Server.

Here is the code for functions.php:

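<?php

// Connect to the LDAP server and bind with the supplied credentials.
// Returns the connection on success, false if the bind fails.
function LDAPConn_Bind($srv, $port, $LDAPUser, $LDAPPass)
{
	// Only $LDAPConn is global. Declaring $LDAPUser and $LDAPPass global here
	// would replace the arguments with unset globals and bind anonymously.
	global $LDAPConn;

	$conn=ldap_connect($srv, $port);
	if (!$conn)
	{
		die("Failed LDAP_Connect.<br />");
	}


	ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
	$r=@ldap_bind($conn, $LDAPUser, $LDAPPass);
	if (!$r)
	{
		echo "LDAP Error: ", ldap_error($conn), "<br />\n";
		return false;
	}
	$LDAPConn = $conn;
	return $conn;
}

// Look up the user by mail address and return the mailserver attribute
// ('' if nothing matches, 2 if there is no connection).
function LDAPGetUser($conn, $qry1)
{
	if (empty($conn)) return 2;
	$attrnames = array("mail", "mailserver");
	$mailserv = '';

	// Escape the value so filter metacharacters in it are matched literally (PHP 5.6+).
	$filter = "(mail=" . ldap_escape($qry1, "", LDAP_ESCAPE_FILTER) . ")";
	$sr=ldap_search($conn, "o=[BASE DN]", $filter, $attrnames);
	if (!$sr)
	{
		ldap_close($conn);
		return $mailserv;
	}
	$entries = ldap_get_entries($conn, $sr);
	for ($i=0; $i < $entries["count"]; $i++)
  	{
		if (isset($entries[$i]["mailserver"][0]))
		{
			$mailserv = $entries[$i]["mailserver"][0];
		}
  	}

	ldap_close($conn);
	return $mailserv;
}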
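
The following stand-alone PHP script is an added example, not part of the original AppNote or of Novell's code. It shows the two decisions the lookup makes with untrusted input: building the (mail=...) filter from the X-Name header and mapping the mailserver value to one of the proxy paths used above. The function names, the login-name pattern and the sample mailserver values are assumptions.

```php
<?php
// Added example; function names, the login-name pattern and sample values are assumptions.
// Escape RFC 4515 filter metacharacters by hand so this runs without the ldap
// extension; ldap_escape($v, '', LDAP_ESCAPE_FILTER) is the built-in equivalent.
function escape_filter_value($value)
{
    // Backslash comes first so the escapes added afterwards are not re-escaped.
    $from = array('\\', '*', '(', ')', "\0");
    $to   = array('\\5c', '\\2a', '\\28', '\\29', '\\00');
    return str_replace($from, $to, $value);
}

// Build the (mail=...) filter from the injected X-Name value, or return null
// when the value is not a plain login name.
function build_mail_filter($xName, $domain)
{
    if (!preg_match('/\A[A-Za-z0-9._-]{1,64}\z/', $xName)) {
        return null;
    }
    return '(mail=' . escape_filter_value($xName . '@' . $domain) . ')';
}

// Map the mailserver attribute to a proxy path from the page; null for an
// unknown server, so no mail link is shown instead of a wrong one.
function notes_path($mailserver, array $map)
{
    foreach ($map as $name => $path) {
        if (stristr((string) $mailserver, $name) !== false) {
            return $path;
        }
    }
    return null;
}

$map = array('notes1' => '/webacc', 'notes2' => '/webacc2', 'notes3' => '/webacc3');
// Constructed samples: header value, then the mailserver value LDAP would return.
$samples = array(
    array('jsmith', 'CN=notes2/O=Example'),
    array('j*',     'CN=notes1/O=Example'),   // wildcard: rejected before any search
    array('mjones', 'CN=notes9/O=Example'),   // server not published on the proxy
);
foreach ($samples as $s) {
    $filter = build_mail_filter($s[0], 'mydomain.com');
    $path   = ($filter === null) ? null : notes_path($s[1], $map);
    echo $s[0], ' => ', var_export($filter, true), ' ', var_export($path, true), "\n";
}
// Escaping alone keeps the wildcard literal instead of letting it match several entries.
echo '(mail=', escape_filter_value('j*@mydomain.com'), ")\n";
```

Run it with the PHP command-line interpreter; it needs neither an LDAP server nor the ldap extension.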

