[RCD] Roundcube and openldap search hierarchy

Andreas Dick andudi at gmx.ch
Sun Feb 26 14:15:47 CET 2012


Am Sonntag, 26. Februar 2012, 07.00:08 schrieben Sie:
> Curious, Why would you separate searches per group and/or contact?
I think it makes sense to seperate...

but well, the concerning option is not yet prepared in the default config 
file... please try to add:
    'scope'     => 'one',
in the groups array... it is allready implemented in the code :-)

Andreas


> anyway, is there anything else we can do in the mean time.
> I am not good in php, but pretty good with python and java.
> Regards, --sasha
> 
> On Sat, Feb 25, 2012 at 6:37 PM, Andreas Dick <andudi at gmx.ch> wrote:
> > I suppose the search scope is not yet imlemented for groups... just for
> > contacts... maybe i'l check that soon...
> > 
> > Andreas
> > 
> > Sasha Kacanski <skacanski at gmail.com> schrieb:
> > >Absolutely,
> > >
> > >btw, roundcube works great otherwise. This is a first product that can
> > >so
> > >well integrate with two imap cyrus servers, one as main mail server
> > >and
> > >other as long term archive. With remote plugin for two imaps, users
> > >can
> > >switch between mail and archive.
> > >
> > >Anyway here is the main.inc.php
> > >
> > >$rcmail_config['address_book_type'] = 'ldap';
> > >
> > >// In order to enable public ldap search, configure an array like the
> > >Verisign
> > >// example further below. if you would like to test, simply uncomment
> > >the
> > >example.
> > >// Array key must contain only safe characters, ie. a-zA-Z0-9_
> > >$rcmail_config['ldap_public'] = array (
> > >
> > >  'public' =>
> > >  array (
> > >  
> > >    'name' => 'Public Addressbook',
> > >    'hosts' =>
> > >    array (
> > >    
> > >      0 => 'some IP',
> > >    
> > >    ),
> > >    'port' => 389,
> > >    'use_tls' => false,
> > >    'ldap_version' => 3,
> > >    'user_specific' => false,
> > >    'base_dn' => 'ou=People,dc=xxx,dc=xxx',
> > >    'bind_dn' => 'cn=Some admin,dc=xxx,dc=xxx',
> > >    'bind_pass' => 'xxxxx',
> > >    'search_base_dn' => 'ou=People,dc=xxxx,dc=xxx',
> > >    'search_filter' => '(&(objectClass=posixAccount)(uid=%u))',
> > >    'search_bind_dn' => 'cn=Some admin,dc=xxxxx,dc=xxx',
> > >    'search_bind_pw' => 'xxxxxxx',
> > >    'search_dn_default' => '',
> > >    'auth_cid' => '',
> > >    'auth_method' => '',
> > >    'hidden' => false,
> > >    'searchonly' => false,
> > >    'writable' => false,
> > >    'LDAP_Object_Classes' =>
> > >    array (
> > >    
> > >      0 => 'top',
> > >      1 => 'inetOrgPerson',
> > >    
> > >    ),
> > >    'LDAP_rdn' => 'mail',
> > >    'required_fields' =>
> > >    array (
> > >    
> > >      0 => 'cn',
> > >      1 => 'sn',
> > >      2 => 'mail',
> > >      3 => 'uid',
> > >    
> > >    ),
> > >    'search_fields' =>
> > >    array (
> > >    
> > >      0 => 'uid',
> > >      1 => 'mail',
> > >      2 => 'cn',
> > >    
> > >    ),
> > >    'fieldmap' =>
> > >    array (
> > >    
> > >      'name' => 'cn',
> > >      'surname' => 'sn',
> > >      'firstname' => 'givenName',
> > >      'email' => 'mail',
> > >      'phone:home' => 'homePhone',
> > >      'phone:work' => 'telephoneNumber',
> > >      'phone:mobile' => 'mobile',
> > >      'street' => 'street',
> > >      'zipcode' => 'postalCode',
> > >      'locality' => 'l',
> > >      'country' => 'c',
> > >      'organization' => 'o',
> > >    
> > >    ),
> > >    'sort' => 'cn',
> > >    'scope' => 'one',
> > >    'filter' => '(objectClass=inetOrgPerson)',
> > >    'fuzzy_search' => true,
> > >    'vlv' => false,
> > >    'numsub_filter' => '(objectClass=organizationalUnit)',
> > >    'sizelimit' => '0',
> > >    'timelimit' => '0',
> > >    'referrals' => 1,
> > >    'groups' =>
> > >    array (
> > >    
> > >      'base_dn' => '',
> > >      'filter' => '(objectClass=groupOfNames)',
> > >      'object_classes' =>
> > >      array (
> > >      
> > >        0 => 'top',
> > >        1 => 'groupOfNames',
> > >      
> > >      ),
> > >      'member_attr' => 'member',
> > >      'name_attr' => 'cn',
> > >    
> > >    ),
> > >  
> > >  ),
> > >
> > >....
> > >
> > >
> > >
> > >Regards, --sasha
> > >
> > >
> > >On Sat, Feb 25, 2012 at 1:12 PM, Andreas Dick
> > ><andudi at gmx.ch<javascript:_e({}, 'cvml', 'andudi at gmx.ch');>
> > >
> > >> wrote:
> > >> 
> > >> hei sasha
> > >> can you please show us your concerning part in main.inc.php?
> > >> this means at least:
> > >> -  'filter'
> > >> -  'scope'
> > >> -  'groups'
> > >> 
> > >> Andreas
> > >> 
> > >> Am Samstag, 25. Februar 2012, 11.04:09 schrieb Sasha Kacanski:
> > >> > Hi All,
> > >> > 
> > >> > I setup a rouncube (svn current) with two cyrus imap servers
> > >> > and
> > >> > openldap/mysql.
> > >> > I managed to extend my ldap hierarchy to include following:
> > >> > 
> > >> > ou=People,dc=xxxx,dc=org for public address book
> > >> > 
> > >> > this works fine and all users are visible from the roundcube
> > >> > via
> > >
> > >public
> > >
> > >> > address - readonly book
> > >> > 
> > >> > i have private address books under user uid
> > >> > uid=xxxx,ou=People,dc=xxxx,dc=org
> > >> > as ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org
> > >> > 
> > >> > 
> > >> > slapd.conf is modified with appropriate rules to allow users
> > >> > to
> > >
> > >create
> > >
> > >> > addditional address books and contacts
> > >> > 
> > >> > everything works fine.
> > >> > 
> > >> > I changed search criteria on the public address book to "one"
> > >> > from
> > >
> > >"sub"
> > >
> > >> to
> > >> 
> > >> > avoid picking up private group names under public address
> > >> > group
> > >
> > >listing.
> > >
> > >> > However, when I create user private address book, e.a.
> > >> > 
> > >> > cn=My Friends,ou=addressbook,uid=xxxx,ou=People,dc=xxxx,dc=org
> > >> > 
> > >> > this private group will show under both, public and private
> > >> > address
> > >
> > >space
> > >
> > >> > in roundcube.
> > >> > 
> > >> > I thought that by limiting search criteria in public address
> > >> > space
> > >
> > >from
> > >
> > >> sub
> > >> 
> > >> > to one will prevent private address books from showing, but
> > >> > that
> > >
> > >did not
> > >
> > >> > work.
> > >> > What do you suggest as easiest approach to solve this issue.
> > >> > 
> > >> > btw, I registered to http://www.roundcubeforum.net and I can't
> > >> > post
> > >> 
> > >> email
> > >> 
> > >> > to any forum.
> > >> > I sent email to support folks and nothing...
> > >> > 
> > >> > Regards, --sasha
> > >> 
> > >> --
> > >> List info: http://lists.roundcube.net/users/
> > >> BT/4e624a41
> > >
> > >--
> > >Aleksandar Kacanski
> > >
> > >
> > >
> > >--
> > >Aleksandar Kacanski
_______________________________________________
List info: http://lists.roundcube.net/dev/
BT/aba52c80



More information about the Dev mailing list