Having the requisite portions of the LDAP suite installed locally, a short line-mode Perl script was developed to perform an LDAP search for the Administrator of a LAN, based on one of several types of identifiers. The purpose is to provide a simple, easy, and quick method to look up the LAN Administrator for a given LAN, providing their name, phone number, and electronic mail address.
The intent here is to use an LDAP-enabled Web browser to initiate an LDAP inquiry without requiring any CGI scripts or other services from a Web server. The Web browser itself acts as the sole LDAP client. A simple HTML form is used to obtain the LDAP search item, and a simple JavaScript function then converts that into an LDAP URL[16]. When this is inserted into the browser's location field, the LDAP search is performed.
Using LDAP required two enhancements to Sendmail: using internal hooks in Sendmail for LDAP; and an LDAP-based mail delivery program, mail500[12,15], external to Sendmail. With these extensions, simple virtual mail users with different address formats are easily created and serviced. Once Sendmail is installed with the required LDAP libraries, a small set of code is added to the Sendmail configuration file to enable both enhancements. In one case, the mail was handed off to the mail500 LDAP tool, which performed the final delivery. In the other case, Sendmail itself connected to the LDAP server to find the requisite information to complete the mail delivery that it would perform.
The InterNetwork News product provides a simple security scheme to control access to newsgroups[10]. More finely detailed access methods are not directly available with the basic INN program. Starting with version 2 of INN, a Perl ``hook''[8,9] is provided to invoke user defined code. Using this Perl script and data stored in an LDAP database, a finer grained access method is now possible. It also provides the ability to define a multi-tiered access method. In this report, this method is used to control authorized postings to a local newsgroup that did not use the network news ``moderated'' format and controls.
This facility used a UNIX server running Samba, the OpenSource UNIX NetBIOS file system service, to provide a type of automated file relay between a Windows PC and a mainframe. In reality, the PC user had two network drives, an ``input share'' and an ``output share,'' that appeared to connect them directly to the mainframe for simple output retrieval and job submission. LDAP stored user specific information to be used by the FTP process to the mainframe. Expect was used to automate the process of FTPing a user ``job'' to the mainframe for execution from the ``input share,'' and keeping a log of the FTP process. Mainframe output was FTPed to the ``output share'' by some additional job control language statements that executed an outbound FTP session from the mainframe to the Samba server.