LDAP_BIND.ZIP contains three files which demonstrate doing an LDAP bind over SSL using the Novell NWIDirQ ActiveX control. This code has been tested on a Windows 2000 SP2 server running Internet Information Server 5.0 against an eDirectory 8.6.2 tree. The Novell LDAP ActiveX controls must be installed and registered on the server. They can be found at:
No NetWare client is required on the IIS server.
LOGIN.HTML is the login form which prompts for the user’s user ID and password. This form POSTs the results to VERIFY.ASP which performs the LDAP bind and also returns the user’s first and last name.
The GLOBAL.ASA declares the object at the session level as oppose to the page level. This seems to be more efficient and I’ve had less problems with the control doing it this way (you’ll need to look up the class ID in the registry on your server). Up until the current control, there were memory leaks with it that I think contributed to this problem.
I also had a difficult time getting the SSL BIND to work. It seems that no matter what I exported from Console One, I would always get an SSL error 42 when I tried to do an SSL BIND using the .DER file generated. So, I decided to try hitting the server’s management portal on port 8009 and export the root certificate via Internet Explorer. I did that and low and behold, it worked. You just need to make sure and export the right thing. I did the following:
- Hit https://myserver:8009 with IE
- In the dialog that appears, click “View Certificate”
- Select “Certification Path”
- Highlight “Organizational CA”
- Click “View Certificate”
- Click “Details”
- Click “Copy to File”
I used that for my credentials with the ActiveX control and it worked fine (that is the MYROOT.DER in verify.asp).