On 12/04/12 12:31, Achim wrote:
Hello f3isar:
On 12.04.2012 11:09, f3isar wrote:
I haven't been watching this thread too closely and so I could be wrong but I think some, if not most, of the issues may simply be configuration ones.
Correct, there are now only 2 issues remaining, and they do seem to be code-related.
I have a working LDAP config with Round Cube and have no trouble updating or creating records.
I'm happy to share my config if it would be useful
That would be great, so that we can compare with the configuration I posted, and as a result Andreas could perhaps include a "best practice" selection on the wiki page for LDAP?
Best regards, Achim _______________________________________________ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Here you go, my ldap config:
$rcmail_config['ldap_public']['Private'] = array( 'name' => 'Private Address Book', // Replacement variables supported in host names: // %h - user's IMAP hostname // %n - http hostname ($_SERVER['SERVER_NAME']) // %d - domain (http hostname without the first part) // %z - IMAP domain (IMAP hostname without the first part) // For example %n = mail.domain.tld, %d = domain.tld 'hosts' => array('mail.example.net'), 'port' => 389, 'use_tls' => true, 'ldap_version' => 3, // using LDAPv3 'user_specific' => true, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. // %fu - The full username provided, assumes the username is an email // address, uses the username_domain value if not an email address. // %u - The username prior to the '@'. // %d - The domain name after the '@'. // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" // %dn - DN found by ldap search when search_filter/search_base_dn are used 'base_dn' => 'ou=Address Book,cn=%fu,%dc', 'bind_dn' => 'cn=%fu,%dc', 'bind_pass' => '', // It's possible to bind for an individual address book // The login name is used to search for the DN to bind with 'search_base_dn' => '', 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' // DN and password to bind as before searching for bind DN, if anonymous search is not allowed 'search_bind_dn' => '', 'search_bind_pw' => '', // Default for %dn variable if search doesn't return DN value 'search_dn_default' => '', // Optional authentication identifier to be used as SASL authorization proxy // bind_dn need to be empty 'auth_cid' => '', // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 'auth_method' => '', // Indicates if the addressbook shall be hidden from the list. // With this option enabled you can still search/view contacts. 'hidden' => false, // Indicates if the addressbook shall not list contacts but only allows searching. 'searchonly' => false, // Indicates if we can write to the LDAP directory or not. // If writable is true then these fields need to be populated: // LDAP_Object_Classes, required_fields, LDAP_rdn 'writable' => true, // To create a new contact these are the object classes to specify // (or any other classes you wish to use). 'LDAP_Object_Classes' => array("top", "person", "inetOrgPerson", "organizationalPerson", "evolutionPerson"), // The RDN field that is used for new entries, this field needs // to be one of the search_fields, the base of base_dn is appended // to the RDN to insert into the LDAP directory. 'LDAP_rdn' => 'cn', // The required fields needed to build a new contact as required by // the object classes (can include additional fields not required by the object classes). 'required_fields' => array("cn", "sn"), 'search_fields' => array('cn'), // mapping of contact fields to directory attributes 'fieldmap' => array( // Roundcube => LDAP
// Main information
'firstname' => 'gn',
'jobtitle' => 'businessRole',
'name' => 'cn',
'organization' => 'o',
//'photo' => 'jpegPhoto',
'prefix' => 'title',
'surname' => 'sn',
// Contact Properties
'email' => 'mail',
'phone:home' => 'homePhone',
'phone:work' => 'telephoneNumber',
'phone:mobile' => 'mobile',
// Work address
'address:work' => 'street',
//'zipcode:work' => 'postalCode',
//'locality:work' => 'l',
// Home address
'address:home' => 'homePostalAddress',
//'zipcode:home' => 'postalAddress',
//'locality:home' => 'otherPostalAddress',
//'region:home' => 'st',
//'country:home' => 'co',
'website' => 'labeledURI',
// Personal information tab
'anniversary' => 'anniversary',
'birthday' => 'birthDate',
'manager' => 'managerName',
'spouse' => 'spouseName',
// Notes tab
'notes' => 'note',
), 'sort' => 'cn', // The field to sort the listing by. 'scope' => 'one', // search mode: sub|base|list 'filter' => '(objectClass=evolutionPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act 'fuzzy_search' => true, 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting 'sizelimit' => '0', 'timelimit' => '0', 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
// definition for contact groups (uncomment if no groups are supported) // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) // if the groups base_dn is empty, the contact base_dn is used for the groups as well // -> in this case, assure that groups and contacts are separated due to the concernig filters! 'groups' => array( 'base_dn' => 'ou=Groups,cn=%fu,%dc', 'filter' => '(objectClass=groupOfNames)', 'object_classes' => array("top", "groupOfNames"), 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember 'name_attr' => 'cn', // attribute to be used as group name ), );
// An ordered array of the ids of the addressbooks that should be searched // when populating address autocomplete fields server-side. ex: array('sql','Verisign'); $rcmail_config['autocomplete_addressbooks'] = array('Private');
// The minimum number of characters required to be typed in an autocomplete field // before address books will be searched. Most useful for LDAP directories that // may need to do lengthy results building given overly-broad searches $rcmail_config['autocomplete_min_length'] = 3;
// Number of parallel autocomplete requests. // If there's more than one address book, n parallel (async) requests will be created, // where each request will search in one address book. By default (0), all address // books are searched in one request. $rcmail_config['autocomplete_threads'] = 0;
// Max. numer of entries in autocomplete popup. Default: 15. $rcmail_config['autocomplete_max'] = 15;
// show address fields in this order // available placeholders: {street}, {locality}, {zipcode}, {country}, {region} $rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{country} {region}';
// Matching mode for addressbook search (including autocompletion) // 0 - partial (*abc*), default // 1 - strict (abc) // 2 - prefix (abc*) // Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode $rcmail_config['addressbook_search_mode'] = 0;