[RCD] Roundcube and openldap search hierarchy

Andreas Dick andudi at gmx.ch
Sun Feb 26 00:37:20 CET 2012


I suppose the search scope is not yet imlemented for groups... just for contacts... maybe i'l check that soon...

Andreas



Sasha Kacanski <skacanski at gmail.com> schrieb:

>Absolutely,
>
>btw, roundcube works great otherwise. This is a first product that can
>so
>well integrate with two imap cyrus servers, one as main mail server and
>other as long term archive. With remote plugin for two imaps, users can
>switch between mail and archive.
>
>Anyway here is the main.inc.php
>
>$rcmail_config['address_book_type'] = 'ldap';
>
>// In order to enable public ldap search, configure an array like the
>Verisign
>// example further below. if you would like to test, simply uncomment
>the
>example.
>// Array key must contain only safe characters, ie. a-zA-Z0-9_
>$rcmail_config['ldap_public'] = array (
>  'public' =>
>  array (
>    'name' => 'Public Addressbook',
>    'hosts' =>
>    array (
>      0 => 'some IP',
>    ),
>    'port' => 389,
>    'use_tls' => false,
>    'ldap_version' => 3,
>    'user_specific' => false,
>    'base_dn' => 'ou=People,dc=xxx,dc=xxx',
>    'bind_dn' => 'cn=Some admin,dc=xxx,dc=xxx',
>    'bind_pass' => 'xxxxx',
>    'search_base_dn' => 'ou=People,dc=xxxx,dc=xxx',
>    'search_filter' => '(&(objectClass=posixAccount)(uid=%u))',
>    'search_bind_dn' => 'cn=Some admin,dc=xxxxx,dc=xxx',
>    'search_bind_pw' => 'xxxxxxx',
>    'search_dn_default' => '',
>    'auth_cid' => '',
>    'auth_method' => '',
>    'hidden' => false,
>    'searchonly' => false,
>    'writable' => false,
>    'LDAP_Object_Classes' =>
>    array (
>      0 => 'top',
>      1 => 'inetOrgPerson',
>    ),
>    'LDAP_rdn' => 'mail',
>    'required_fields' =>
>    array (
>      0 => 'cn',
>      1 => 'sn',
>      2 => 'mail',
>      3 => 'uid',
>    ),
>    'search_fields' =>
>    array (
>      0 => 'uid',
>      1 => 'mail',
>      2 => 'cn',
>    ),
>    'fieldmap' =>
>    array (
>      'name' => 'cn',
>      'surname' => 'sn',
>      'firstname' => 'givenName',
>      'email' => 'mail',
>      'phone:home' => 'homePhone',
>      'phone:work' => 'telephoneNumber',
>      'phone:mobile' => 'mobile',
>      'street' => 'street',
>      'zipcode' => 'postalCode',
>      'locality' => 'l',
>      'country' => 'c',
>      'organization' => 'o',
>    ),
>    'sort' => 'cn',
>    'scope' => 'one',
>    'filter' => '(objectClass=inetOrgPerson)',
>    'fuzzy_search' => true,
>    'vlv' => false,
>    'numsub_filter' => '(objectClass=organizationalUnit)',
>    'sizelimit' => '0',
>    'timelimit' => '0',
>    'referrals' => 1,
>    'groups' =>
>    array (
>      'base_dn' => '',
>      'filter' => '(objectClass=groupOfNames)',
>      'object_classes' =>
>      array (
>        0 => 'top',
>        1 => 'groupOfNames',
>      ),
>      'member_attr' => 'member',
>      'name_attr' => 'cn',
>    ),
>  ),
>....
>
>
>
>Regards, --sasha
>
>
>On Sat, Feb 25, 2012 at 1:12 PM, Andreas Dick
><andudi at gmx.ch<javascript:_e({}, 'cvml', 'andudi at gmx.ch');>
>> wrote:
>
>> hei sasha
>> can you please show us your concerning part in main.inc.php?
>> this means at least:
>> -  'filter'
>> -  'scope'
>> -  'groups'
>>
>> Andreas
>>
>> Am Samstag, 25. Februar 2012, 11.04:09 schrieb Sasha Kacanski:
>> > Hi All,
>> >
>> > I setup a rouncube (svn current) with two cyrus imap servers and
>> > openldap/mysql.
>> > I managed to extend my ldap hierarchy to include following:
>> >
>> > ou=People,dc=xxxx,dc=org for public address book
>> >
>> > this works fine and all users are visible from the roundcube via
>public
>> > address - readonly book
>> >
>> > i have private address books under user uid
>> > uid=xxxx,ou=People,dc=xxxx,dc=org
>> > as ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org
>> >
>> >
>> > slapd.conf is modified with appropriate rules to allow users to
>create
>> > addditional address books and contacts
>> >
>> > everything works fine.
>> >
>> > I changed search criteria on the public address book to "one" from
>"sub"
>> to
>> > avoid picking up private group names under public address group
>listing.
>> >
>> > However, when I create user private address book, e.a.
>> >
>> > cn=My Friends,ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org
>> >
>> > this private group will show under both, public and private address
>space
>> > in roundcube.
>> >
>> > I thought that by limiting search criteria in public address space
>from
>> sub
>> > to one will prevent private address books from showing, but that
>did not
>> > work.
>> > What do you suggest as easiest approach to solve this issue.
>> >
>> > btw, I registered to http://www.roundcubeforum.net and I can't post
>> email
>> > to any forum.
>> > I sent email to support folks and nothing...
>> >
>> > Regards, --sasha
>> --
>> List info: http://lists.roundcube.net/users/
>> BT/4e624a41
>>
>
>
>
>-- 
>Aleksandar Kacanski
>
>
>
>-- 
>Aleksandar Kacanski

_______________________________________________
List info: http://lists.roundcube.net/dev/
BT/aba52c80



More information about the Dev mailing list