[Mono-list] Novell LDAP (SSL) using .NET 2.0 on Windows Server

Sebastien Pouliot sebastien.pouliot at gmail.com
Fri Sep 4 09:38:50 EDT 2009


On Fri, 2009-09-04 at 07:46 -0700, stonefish wrote:
> Hi,
> 
> (This is roughly the same message as was mistakenly on the ASP.NET section,
> but with the vital point that it's Novell LDAP, not MS LDAP!)

Well a large part of LDAP is LDAP itself :) not Novell's or Microsoft's.
So unless you depend on specific features then both libraries should
work on both servers.

> My client requires us to connect to their Novell LDAP system through SSL
> with the ASP.NET (2.0) application we have written, which is going to run on
> Windows 2003 Server through IIS6.  For the moment I am using a simple
> console application to test my code - a lot easier and simpler than
> uploading the rather large web application dlls each time.
> 
> From everything I've read, it appears that Mono is the best solution to
> this, but I'm having a great deal of difficulty getting it to work.
> 
> I have added the novell.directory.ldap.dll and mono.security.dll references
> to the console app, and included the dlls in "installation" directory on the
> server.
> I have installed Mono (2.4.2.3) but not included the GTK part, as I don't
> believe it's necessary.
> I have added the security certificate from the client's LDAP system into the
> Trust store using certmgr.

Did you use Mono's certmgr ? (not MS one)

Did you specify the -m option ? that will make the certificate available
to all users on the computer (you'll need that for ASP.NET but it should
not affect your console app).

> 
> But when I attempt a secure bind to the Novell LDAP server, I receive a 91
> Connect Error, with the IOException of "The authentication or decryption has
> failed" and TlsException of "Invalid certificate received from server".

Can you connect, using SSL, to the server using a different
application ?

> What have I missed?

Source code ? ;-)

> Am I trying to achieve the impossible... or have I missed a simple step out? 
> (Do I need to set an application setting or environment variable that I'm
> not aware of?)

You might want to check (and read archive) of the novell-ldap group on
forge.novell.com

Sebastien
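
Added example, not part of the original thread and not code from the poster or the Mono project: a console check that attempts the SSL bind and prints why the TLS layer rejected the server certificate, while still rejecting it. It assumes the referenced Novell.Directory.Ldap build exposes UserDefinedServerCertValidationDelegate with Mono.Security's CertificateValidationCallback signature; host, port and bind DN are command-line placeholders.

```csharp
using System;
using Novell.Directory.Ldap;
using Mono.Security.Protocol.Tls;   // CertificateValidationCallback
using Syscert = System.Security.Cryptography.X509Certificates;

class LdapSslCheck
{
    // Names the common validation codes (Windows CERT_E_* HRESULT values).
    static string Describe(int code)
    {
        switch (code)
        {
            case -2146762495: return "CERT_E_EXPIRED (outside validity period)";
            case -2146762487: return "CERT_E_UNTRUSTEDROOT (root not in trust store)";
            case -2146762486: return "CERT_E_CHAINING (chain could not be built)";
            case -2146762481: return "CERT_E_CN_NO_MATCH (host name mismatch)";
            default: return "unrecognised code";
        }
    }

    // Logs the presented certificate and every reported error. Returns true
    // only when nothing was reported, so a failing certificate stays rejected.
    static bool LogServerCert(Syscert.X509Certificate cert, int[] errors)
    {
        Console.WriteLine("Subject: {0}", cert.Subject);
        Console.WriteLine("Issuer:  {0}", cert.Issuer);
        Console.WriteLine("Expires: {0}", cert.GetExpirationDateString());
        if (errors == null) errors = new int[0];
        foreach (int e in errors)
            Console.WriteLine("Error 0x{0:X8}: {1}", e, Describe(e));
        return errors.Length == 0;
    }

    static void Main(string[] args)   // args: host port bindDN (placeholders)
    {
        if (args.Length != 3) { Console.WriteLine("usage: host port bindDN"); return; }
        Console.Write("Password: ");
        string password = Console.ReadLine();
        LdapConnection conn = new LdapConnection();
        conn.SecureSocketLayer = true;
        conn.UserDefinedServerCertValidationDelegate +=
            new CertificateValidationCallback(LogServerCert);
        try
        {
            conn.Connect(args[0], int.Parse(args[1]));
            conn.Bind(args[2], password);
            Console.WriteLine("Secure bind succeeded.");
        }
        catch (LdapException ex) { Console.WriteLine("LDAP error {0}: {1}", ex.ResultCode, ex.Message); }
        finally { if (conn.Connected) conn.Disconnect(); }
    }
}
```

An untrusted-root or chaining error points at the trust store (wrong certmgr, or a user store the process cannot see); a name mismatch points at the host name used to connect.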


