LDAP authentication from a non-Novell VPN client
Novell Cool Solutions: Question & Answer
Q:
I have a BorderManager 3.8 running on NetWare 6.5. I want to have LDAP authentication to another server from a non-Novell VPN client. What are the setup rules?
A:
Well, you have to set up an LDAP authentication rule to a user or group. Remember that LDAP is case-sensitive. You will want an LDAP TRC as well. Then you need LDAP traffic rules.
We had a similar need and resolved it by doing the following:
1. Set up the VPN concentrator to pass authentication to a RADIUS server.
2. Have the RADIUS server then log in to NDS via LDAP, with appropriate rights passing to authenticate the user to NDS.
All communication between NDS and the RADIUS server is LDAP. We used FreeRADIUS. You could probably load RADIUS on Novell and simplify the process, since you own BorderManager 3.8, which comes with a good RADIUS server.
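The two steps above, sketched as FreeRADIUS configuration. This is an added example, not configuration from the original answer; it assumes FreeRADIUS 3.x syntax, and every host name, address, DN, path and secret is a constructed placeholder.

```conf
# clients.conf: the VPN concentrator from step 1, registered as a RADIUS client
client vpn-concentrator {
    ipaddr = 192.0.2.10                     # constructed address
    secret = 'REPLACE_WITH_SHARED_SECRET'   # long random value, unique to this client
}

# mods-available/ldap: step 2, the RADIUS server logging in to NDS via LDAP
ldap {
    # NDS LDAP server that holds the VPN users
    server   = 'nds1.example.com'
    port     = 389

    # Dedicated service object the RADIUS server binds as.
    # Grant it only the rights needed to search for and read user objects.
    identity = 'cn=radius-proxy,ou=services,o=example'
    password = 'REPLACE_WITH_SERVICE_PASSWORD'

    base_dn  = 'o=example'

    user {
        base_dn = "${..base_dn}"
        # Map the name sent by the VPN client to a user object
        filter  = "(cn=%{%{Stripped-User-Name}:-%{User-Name}})"
    }

    tls {
        # Encrypt the LDAP session so the service password and the
        # users' credentials do not cross the network in clear text
        start_tls    = yes
        ca_file      = '/etc/raddb/certs/nds-ca.pem'
        require_cert = 'demand'
    }
}
```

Because the answer notes that all traffic between the RADIUS server and NDS is LDAP, the `tls` block and the restricted service object are the two settings that limit what an observer on that path, or a compromised RADIUS host, can obtain.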
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com