We recently wrote a utility using the Groupwise Administrative Object API to programmatically populate the LDAP Authentication field. This field is what is necessary to authenticate to LDAP services instead of relying on Groupwise authentication. Here is the jist of how it went down:
Obtain list of users in Groupwise
Ensure Groupwise users indeed had Active Directory Accounts
Use Powershell script to obtain “DistinguishedName” attribute from all users
Use utility written in C# to access the Groupwise Administrative Object API to loop through each user and post office and fill in their associated DistinguishedName into LDAP Authentication
Enable Post Office for LDAP. This meant placing our LDAP certificate in the SEARCH PATH (not the agent install directory as described in the documentation) in SYS:SYSTEM for Netware and C:windowssystem32 for Windows.
Novell Official Documentation on LDAP Authentication for Groupwise 7 (Applicable to many recent versions)
Novell Administrative Object API Doc reference (See User.LDAPAuthentication. Says it requires Groupwise 7 SP3 or later)