Hello list:
Below a summarised and expanded view on the remaining 7 LDAP issues. Please discard the earlier messages in the other thread, this is the current status:
with other clients (iOS and jxplorer). Despite the name "Public", the bind_dn user has write access. Relevant main.inc.php and slapd.conf extracts are included at the end of this message. If useful, I can also provide access to the underlying OpenLDAP developmentserver.
does not show up in the UI mask in the "name" field. As a result, when you edit that contact, the field cn is not populated by default in the UI and has to be manually added: Forgetting to do so will result in an error, as cn is mandatory. It appears that the program logic to hide cn based on existing attributes should be reviewed.
Independent of this, I believe that the thread "How are you using cn vs displayName?" [0] could be useful to determine the right approach for mapping givenName, sn, cn and displayName.
field 'name' => 'cn' fails, i.e. the newly entered information is not stored.
Warning: ldap_mod_replace(): Modify: Naming violation in roundcubemail-0.7.2/program/include/rcube_ldap.php on line 1105
Changing cn using jxplorer 3.2.2 works as expected. How to reproduce:
fieldmap below): 4) Editing the contact (any field, except cn itself) works perfectly. 5) Search again for same contact. 6) Change cn/name field to "John Doe CNUPDATED" 7) Saving will fail with a "Naming violation" error. From logs/ldap (level 8, which seems to give the same output as level 4 BTW):
[10-Apr-2012 01:51:21 +0200]: C: Replace [dn: cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld]: Array ( [cn] => John Doe CNUPDATED [sn] => Doe [givenname] => John )
[10-Apr-2012 01:51:21 +0200]: S: Naming violation
From slapd with loglevel 23:
Apr 10 01:51:21 mail slapd[20444]: conn=1263 op=2 do_modify Apr 10 01:51:21 mail slapd[20444]: conn=1263 op=2 do_modify: dn (cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld) Apr 10 01:51:21 mail slapd[20444]: >>> dnPrettyNormal: <cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld> Apr 10 01:51:21 mail slapd[20444]: <<< dnPrettyNormal: <cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld>, <cn=john doe cn,ou=public,ou=rcabook,dc=domain,dc=tld> Apr 10 01:51:21 mail slapd[20444]: conn=1263 op=2 modifications: Apr 10 01:51:21 mail slapd[20444]: #011replace: cn Apr 10 01:51:21 mail slapd[20444]: #011#011one value, length 18 Apr 10 01:51:21 mail slapd[20444]: #011replace: sn Apr 10 01:51:21 mail slapd[20444]: #011#011one value, length 16 Apr 10 01:51:21 mail slapd[20444]: #011replace: givenname Apr 10 01:51:21 mail slapd[20444]: #011#011one value, length 5 Apr 10 01:51:21 mail slapd[20444]: bdb_dn2entry("cn=john doe cn,ou=public,ou=rcabook,dc=domain,dc=tld") Apr 10 01:51:21 mail slapd[20444]: hdb_modify: cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld Apr 10 01:51:21 mail slapd[20444]: bdb_dn2entry("cn=john doe cn,ou=public,ou=rcabook,dc=domain,dc=tld") Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: 0x000004a7: cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace cn Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace sn Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace givenName Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace entryCSN Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace modifiersName Apr 10 01:51:21 mail slapd[20444]: bdb_modify_internal: replace modifyTimestamp Apr 10 01:51:21 mail slapd[20444]: entry failed schema check: value of naming attribute 'cn' is not present in entry Apr 10 01:51:21 mail slapd[20444]: hdb_modify: modify failed (64) Apr 10 01:51:21 mail slapd[20444]: send_ldap_result: conn=1263 op=2 p=3 Apr 10 01:51:21 mail slapd[20444]: send_ldap_result: err=64 matched="" text="value of naming attribute 'cn' is not present in entry" Apr 10 01:51:21 mail slapd[20444]: send_ldap_response: msgid=3 tag=103 err=64
It appears that somehow cn is not set in the update request that is sent to the LDAP server: "Value of naming attribute 'cn' is not present in entry". Also: why are we replacing sn and givenName if only cn has changed?
[07-Apr-2012 22:40:47 +0200]: C: Connect [calendarserver:389] [Private] [07-Apr-2012 22:40:47 +0200]: S: OK [07-Apr-2012 22:40:47 +0200]: C: Bind [dn: cn=user@hostname.net,ou=private,ou=rcabook,dc=hostname,dc=tld] [pass: XXXXXXXXXXXXX] [07-Apr-2012 22:40:47 +0200]: S: OK [07-Apr-2012 22:40:47 +0200]: C: Add [dn: cn=Testgroup,cn=user@hostname.net,ou=private,ou=rcabook,dc=hostname,dc=tld]: Array ( [objectClass] => Array ( [0] => top [1] => groupOfNames )
[cn] => Testgroup
[] =>
)
[07-Apr-2012 22:40:47 +0200]: S: Undefined attribute type [07-Apr-2012 22:40:47 +0200]: C: Close
RESULT: Does NOT work, and we get a red error message "An error occured while saving." on top of the web page. Could this be because by default we are using the wrong object classes to create a subgroup?
jpegPhoto fields
It turns out that 'phone:fax' => 'facsimileTelephoneNumber' works for adding and editing a fax number, but you will not be able to remove or clear an existing one, at least not with the current code:
Warning: ldap_mod_del(): Modify: Inappropriate matching in program/include/rcube_ldap.php on line 1082
This is actually the same issue as with the profile pictures, as you can see comparing
Apr 8 03:36:28 mail slapd[25146]: bdb_modify_internal: 18 modify/delete: jpegPhoto: no equality matching rule Apr 8 03:36:28 mail slapd[25146]: send_ldap_result: err=18 matched="" text="modify/delete: jpegPhoto: no equality matching rule"
and these entries:
Apr 8 04:07:02 mail slapd[25146]: bdb_modify_internal: 18 modify/delete: facsimileTelephoneNumber: no equality matching rule Apr 8 04:07:02 mail slapd[25146]: send_ldap_result: err=18 matched="" text="modify/delete: facsimileTelephoneNumber: no equality matching rule"
Perhaps we could add two special cases for replacing/removing facsimileTelephoneNumber and jpegPhoto? I managed to find some information on this issue [1, 2, 3] that might help solve it.
VCF file) does not work for LDAP. The newly imported card is simply added to the existing cards, rather than replacing them all.
assistant don't show up and cannot be added via "Add field..." at all, while department can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form).
Thank you very much for managing to get to the end of this message ;-)
Achim
[0] http://osdir.com/ml/ldap.umich/2006-01/msg00049.html [1] http://www.openldap.org/lists/openldap-technical/200907/msg00083.html [2] http://www.openldap.org/lists/openldap-software/200812/msg00040.html [3] http://www.openldap.org/lists/openldap-bugs/200304/msg00008.html
************** configuration files ************** (If useful, I can also provide access to the underlying OpenLDAP developmentserver!)
$rcmail_config['ldap_public'] = array ();
$rcmail_config['ldap_public']['public'] = array( 'name' => 'Public', 'hosts' => array('calendar.domain.tld'), 'port' => 389, 'ldap_version' => 3, // using LDAPv3 # BUGBUG this is important, otherwise the bind_pass is not populated! 'user_specific' => true, 'base_dn' => 'ou=public,ou=rcabook,dc=domain,dc=tld', 'bind_dn' => 'cn=%fu,ou=private,ou=rcabook,dc=domain,dc=tld', 'bind_pass' => '', // the user login password is used 'filter' => '(objectClass=inetOrgPerson)', 'writable' => true, 'LDAP_Object_Classes' => array('top', 'inetOrgPerson'), 'LDAP_rdn' => 'mail', 'required_fields' => array('cn', 'sn', 'mail', 'givenName'), // mapping of contact fields to directory attributes 'fieldmap' => array( // Roundcube => LDAPA 'prefix' => 'title', 'name' => 'cn', 'surname' => 'sn', 'firstname' => 'givenName', 'email:work' => 'mail', 'phone:home' => 'homePhone', 'phone:work' => 'telephoneNumber', 'phone:mobile' => 'mobile', 'phone:fax' => 'facsimileTelephoneNumber', 'photo' => 'jpegPhoto', 'website' => 'labeledURI', 'street' => 'street', 'zipcode' => 'postalCode', 'locality' => 'l', 'region' => 'st', // does not exist in inetOrgPerson // 'country' => 'c', 'organization' => 'o', // Notes tab 'notes' => 'description', // Personal information tab 'manager' => 'manager', 'assistant' => 'secretary', 'department' => 'departmentNumber', ), 'search_fields' => array('mail', 'cn', 'sn', 'givenName'), // fields to search in 'sort' => 'cn', // The field to sort the listing by. 'scope' => 'sub', // search mode: sub|base|list 'fuzzy_search' => true, // server allows wildcard search 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting 'sizelimit' => '0', // Enables you to limit the count of entries fetched. Setting this to 0 means no limit. 'timelimit' => '0', // Sets the number of seconds how long is spend on the search. Setting this to 0 means no limit. 'groups' => array( 'base_dn' => '', // in this Howto, the same base_dn as for the contacts is used 'filter' => '(objectClass=groupOfNames)', 'object_classes' => array("top", "groupOfNames"), ), );
$rcmail_config['autocomplete_addressbooks'] = array('sql','public');
$rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{region}';
From sladp.conf:
# Grant the admin and rcuser access to the whole addressbook # Also grant it to every other LDAP user
access to dn.subtree="ou=rcabook,dc=domain,dc=tld" by dn="cn=admin,dc=domain,dc=tld" write by dn="cn=rcuser,ou=rcabook,dc=domain,dc=tld" write by users write
Hello again:
On 10.04.2012 02:12, Achim wrote:
- rcmimportreplace ('Replace the entire address book' when importing
a VCF file) does not work for LDAP. The newly imported card is simply added to the existing cards, rather than replacing them all.
I figured out that the implementation for the abstract function delete_all() declared in the base class rcube_addressbook was missing from rcube_ldap. Here is a version that works for me, feel free to add it to the codebase:
/**
* Remove all records from the database
*/
function delete_all() {
$recursive = true; // to support groups once they work
return
$this->_ldap_delete($this->conn,$this->base_dn,$recursive,true); }
/**
* helper function from
http://www.php.net/manual/en/function.ldap-delete.php#21467 */
private function _ldap_delete($ds,$dn,$recursive=false,$root=true){ if($recursive == false){ if (!$root) return(ldap_delete($ds,$dn)); else return true; } else { //searching for sub entries $sr= @ldap_list($ds,$dn,$this->filter ? $this->filter : '(objectclass=*)',array("")); $info = @ldap_get_entries($ds, $sr); $result = false; for($i=0;$i<$info['count'];$i++){ //deleting recursively sub entries
$result=$this->_ldap_delete($ds,$info[$i]['dn'],$recursive,false); } if (!$root) return(ldap_delete($ds,$dn)); else return true; } }
Now there are only 5 issues remaining ;-)
Achim
On 10.04.2012 02:12, Achim wrote:
'LDAP_rdn' => 'mail',
'LDAP_rdn' => 'cn' should resolve at least one of your issues.
// does not exist in inetOrgPerson // 'country' => 'c',
'c' is supported in svn-trunk version.
Provide a test account for me.
- Adding groups under the LDAP directory fails:
[07-Apr-2012 22:40:47 +0200]: C: Connect [calendarserver:389] [Private] [07-Apr-2012 22:40:47 +0200]: S: OK [07-Apr-2012 22:40:47 +0200]: C: Bind [dn: cn=user@hostname.net,ou=private,ou=rcabook,dc=hostname,dc=tld] [pass: XXXXXXXXXXXXX] [07-Apr-2012 22:40:47 +0200]: S: OK [07-Apr-2012 22:40:47 +0200]: C: Add [dn:
cn=Testgroup,cn=user@hostname.net,ou=private,ou=rcabook,dc=hostname,dc=tld]: Array ( [objectClass] => Array ( [0] => top [1] => groupOfNames )
[cn] => Testgroup [] =>
)
[07-Apr-2012 22:40:47 +0200]: S: Undefined attribute type [07-Apr-2012 22:40:47 +0200]: C: Close
RESULT: Does NOT work, and we get a red error message "An error occured while saving." on top of the web page. Could this be because by default we are using the wrong object classes to create a subgroup?
this is becasue the main.inc.php.dist is not yet compleet, please add in the groups definition array
'member_attr' => 'member', // name of the member attribute, e.g.
uniqueMember 'name_attr' => 'cn', // attribute to be used as group name
Andreas
On 2012-04-10 1:12, Achim wrote:
Hello list:
Below a summarised and expanded view on the remaining 7 LDAP issues. Please discard the earlier messages in the other thread, this is the current status:
(...snip...) 3) Probably closely related to point 2): changing the content of the field 'name' => 'cn' fails, i.e. the newly entered information is not stored.
Warning: ldap_mod_replace(): Modify: Naming violation in roundcubemail-0.7.2/program/include/rcube_ldap.php on line 1105
(...snip...)
[10-Apr-2012 01:51:21 +0200]: C: Replace [dn: cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld]: Array ( [cn] => John Doe CNUPDATED [sn] => Doe [givenname] => John )
What's happening here is that the value for the attribute that is also used as the RDN is being replaced the value for.
Roundcube should instead use ldap_mod_rename(), as is illustrated in the following code;
[1] Modify Entry function:
http://git.kolab.org/kolab-wap/tree/lib/Auth/LDAP.php#n991
[2] Detect the RDN attribute used on the old version of the entry:
http://git.kolab.org/kolab-wap/tree/lib/Auth/LDAP.php#n997
[3] Specifically catch the RDN attribute used in the old version of the entry:
http://git.kolab.org/kolab-wap/tree/lib/Auth/LDAP.php#n1035
[4] Ultimately use the array built to fire it at LDAP:
http://git.kolab.org/kolab-wap/tree/lib/Auth/LDAP.php#n1116
Kind regards,
Jeroen van Meeuwen
Independent of this, I believe that the thread "How are you using cn vs displayName?" [0] could be useful to determine the right approach for mapping givenName, sn, cn and displayName.
the today solution is based (as I know) on VCARD... I have never used displayName, are other clients using it?
(my faforite would be just to use 'cn' allways as sum of its parts like givenName, sn and whatever you want as middle name, title and so on....)
- Probably closely related to point 2): changing the content of the
field 'name' => 'cn' fails, i.e. the newly entered information is not stored.
Warning: ldap_mod_replace(): Modify: Naming violation in roundcubemail-0.7.2/program/include/rcube_ldap.php on line 1105
Changing cn using jxplorer 3.2.2 works as expected. How to reproduce:
- Change cn for a contact in jxplorer to "John Doe CN"
- Search for John Doe CN contact in RC
- "John Doe CN" shows up in the "name" field (in accordance with the
fieldmap below): 4) Editing the contact (any field, except cn itself) works perfectly. 5) Search again for same contact. 6) Change cn/name field to "John Doe CNUPDATED" 7) Saving will fail with a "Naming violation" error. From logs/ldap (level 8, which seems to give the same output as level 4 BTW):
[10-Apr-2012 01:51:21 +0200]: C: Replace [dn: cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld]: Array ( [cn] => John Doe CNUPDATED [sn] => Doe [givenname] => John )
[10-Apr-2012 01:51:21 +0200]: S: Naming violation
here you make a mistake: in RC config you use 'mail' as RDN, but your DN here is [cn=John Doe CN,ou=public,ou=rcabook,dc=domain,dc=tld] thus your RDN must be cn then!!!
- Adding groups under the LDAP directory fails:
as I allready wrote you, add this two lines to the group array and it works 'member_attr' => 'member', // name of the member attribute 'name_attr' => 'cn', // attribute to be used as group name
- Problems with editing and deleting facsimileTelephoneNumber and
jpegPhoto fields
It turns out that 'phone:fax' => 'facsimileTelephoneNumber' works for adding and editing a fax number, but you will not be able to remove or clear an existing one, at least not with the current code:
digging the code in program/steps/addressbook/func.inc I suppose that phone:fax is no RC field, you have to use phone:workfax or phone:homefax
I am using the photo field and you are right, I am not able to delete, but to replace the photo!
- manager, assistant and department fields do not work: manager and
assistant don't show up and cannot be added via "Add field..." at all, while department can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form).
I have never used this fields ...
'street' => 'street', 'zipcode' => 'postalCode', 'locality' => 'l', 'region' => 'st',
// does not exist in inetOrgPerson // 'country' => 'c',
you are right. I am using the folloing schema called myperson.schema:
attributetype ( 1.3.6.1.4.1.4203.666.1.95 NAME 'birthday' SUP name ) objectClass ( 1.3.6.1.4.1.4203.666.1.100 NAME 'myPerson' DESC 'Just my own Person' SUP inetOrgPerson STRUCTURAL MAY ( c $ birthday ) )
then it works, but you have to use myPerson then. I planned once to write a WIKI page about this topic, since it is not yet clear how to map all the RC fields to a sensefull LDAP attribute.
please give us feeback about your state now, thanks
Andreas
Hello list:
Thank you for the great support: Out of the original 7 (6 actually) issues, all but 2 (jpegPhoto/facsimileTelephoneNumber and manager/assistant) have been solved: details below!
Thank you Alec and Andreas for catching this!
uniqueMember 'name_attr' => 'cn', // attribute to be used as group name This also works really nice with selecting groups and then composing messages to them! Thank you Andreas!
One small suggestion: Shouldn't it be possible to automatically import contacts into a subgroup (if selected), similar to the contacts being imported into a specific address book if one is selected before pressing "Import Contacts"?
edit or delete them] Thank you for your suggestion Andreas (mapping phone:workfax or phone:homefax instead of just phone:fax to facsimileTelephoneNumber), but a) the file phone:fax does seems to work, and b) even changing the mapping does not make the field work as expected. Using iOS 5.1, I can add, edit and delete the jpegPhoto field. However, I can also not delete the Fax field with iOS 5.1. Both fields fail in RC with messages like this:
Apr 12 00:27:54 mail slapd[24250]: bdb_modify_internal: delete facsimileTelephoneNumber Apr 12 00:27:54 mail slapd[24250]: bdb_modify_internal: 18 modify/delete: facsimileTelephoneNumber: no equality matching rule Apr 12 00:27:54 mail slapd[24250]: hdb_modify: modify failed (18) Apr 12 00:27:54 mail slapd[24250]: send_ldap_result: conn=1276 op=2 p=3 Apr 12 00:27:54 mail slapd[24250]: send_ldap_result: err=18 matched="" text="modify/delete: facsimileTelephoneNumber: no equality matching rule"
please feel free to incorporate the code.
fields do not work, even though they exist in program/include/rcube_contacts.php. "manager" and "assistant" don't show up after mapping them, and also cannot be added via "Add field..." at all.
A small bug: "department" can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form) *if* the value of the textarea is actually "Department". The same is actually true for all fields: enter a value that is the default ("grey") value in a field, tab to or select the next text field, and your manually entered information ("First Name", "Department", whatever) is deleted!
Thank you very much, Achim
Hello Alec:
On 10.04.2012 08:12, A.L.E.C wrote:
On 10.04.2012 02:12, Achim wrote:
'LDAP_rdn' => 'mail',
'LDAP_rdn' => 'cn' should resolve at least one of your issues.
Correct: thanks for the hint!
// does not exist in inetOrgPerson // 'country' => 'c',
'c' is supported in svn-trunk version.
'c' is not supported in the schema inetOrgPerson that I was using in my OpenLDAP installation, so there was no place to store it, and hence the error.
Provide a test account for me.
Will be sent by PM.
Best regards, Achim
Hello Andreas:
On 10.04.2012 22:18, Andreas Dick wrote:
I am using the photo field and you are right, I am not able to delete, but to replace the photo!
I cannot edit a contact that contains a photo at all within RC: none of the fields can be edited, trying to delete the photo gives:
Apr 12 01:40:00 mail slapd[30367]: bdb_modify_internal: delete jpegPhoto Apr 12 01:40:00 mail slapd[30367]: bdb_modify_internal: 18 modify/delete: jpegPhoto: no equality matching rule Apr 12 01:40:00 mail slapd[30367]: hdb_modify: modify failed (18) Apr 12 01:40:00 mail slapd[30367]: send_ldap_result: conn=1013 op=2 p=3 Apr 12 01:40:00 mail slapd[30367]: send_ldap_result: err=18 matched="" text="modify/delete: jpegPhoto: no equality matching rule"
iOS works fine for editing other fields and deleting/replacing the image.
- manager, assistant and department fields do not work: manager and
assistant don't show up and cannot be added via "Add field..." at all, while department can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form).
I have never used this fields ...
OK, this is really just a detail for completenes sake, as the fields appear in both RC and inetOrgPerson.
'street' => 'street', 'zipcode' => 'postalCode', 'locality' => 'l', 'region' => 'st',
// does not exist in inetOrgPerson // 'country' => 'c',
you are right. I am using the folloing schema called myperson.schema:
attributetype ( 1.3.6.1.4.1.4203.666.1.95 NAME 'birthday' SUP name ) objectClass ( 1.3.6.1.4.1.4203.666.1.100 NAME 'myPerson' DESC 'Just my own Person' SUP inetOrgPerson STRUCTURAL MAY ( c $ birthday ) )
then it works, but you have to use myPerson then.
I saved the above to /etc/ldap/schema/myperson.schema, added the corresponding include to slapd.conf and restarted the service, but I got:
# service slapd restart Stopping OpenLDAP: slapd. Starting OpenLDAP: slapd - failed: ObjectClassDescription = "(" whsp numericoid whsp ; ObjectClass identifier [ "NAME" qdescrs ] [ "DESC" qdstring ] [ "OBSOLETE" whsp ] [ "SUP" oids ] ; Superior ObjectClasses [ ( "ABSTRACT" / "STRUCTURAL" / "AUXILIARY" ) whsp ] ; default structural [ "MUST" oids ] ; AttributeTypes [ "MAY" oids ] ; AttributeTypes whsp ")"
I planned once to write a WIKI page about this topic, since it is not yet clear how to map all the RC fields to a sensefull LDAP attribute.
That would be really helpful, perhaps along with a "perfect" matching for RC to LDAP that uses the most possible compatibility with Outlook and iOS?
Thank you for all your help, Achim
On 12.04.2012 01:06, Achim wrote:
One small suggestion: Shouldn't it be possible to automatically import contacts into a subgroup (if selected), similar to the contacts being imported into a specific address book if one is selected before pressing "Import Contacts"?
You can create a ticket in trac for this.
- [Able to add jpegPhoto and facsimileTelephoneNumber, but not able to
edit or delete them] Thank you for your suggestion Andreas (mapping phone:workfax or phone:homefax instead of just phone:fax to facsimileTelephoneNumber), but a) the file phone:fax does seems to work, and b) even changing the mapping does not make the field work as expected. Using iOS 5.1, I can add, edit and delete the jpegPhoto field. However, I can also not delete the Fax field with iOS 5.1. Both fields fail in RC with messages like this:
http://trac.roundcube.net/ticket/1488420
- was solved with the code I sent to the list a couple of days ago:
please feel free to incorporate the code.
Already fixed in svn-trunk. Thanks for catching it.
- is still current (but not really important): manager and assistant
fields do not work, even though they exist in program/include/rcube_contacts.php. "manager" and "assistant" don't show up after mapping them, and also cannot be added via "Add field..." at all.
A small bug: "department" can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form) *if* the value of the textarea is actually "Department". The same is actually true for all fields: enter a value that is the default ("grey") value in a field, tab to or select the next text field, and your manually entered information ("First Name", "Department", whatever) is deleted!
I'll see if I can reproduce. Feel free to open a ticket in trac.
On 12.04.2012 08:18, A.L.E.C wrote:
- is still current (but not really important): manager and assistant
fields do not work, even though they exist in program/include/rcube_contacts.php. "manager" and "assistant" don't show up after mapping them, and also cannot be added via "Add field..." at all.
I've fixed one bug, so now the fields are editable. However, adding values doesn't work:
C: Add [dn: mail=asdasd@asd.pl,....]: Array ( [secretary] => dcsdf ) S: Invalid syntax
A small bug: "department" can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form) *if* the value of the textarea is actually "Department". The same is actually true for all fields: enter a value that is the default ("grey") value in a field, tab to or select the next text field, and your manually entered information ("First Name", "Department", whatever) is deleted!
In svn-trunk it works if browser supports HTML5 placeholders.
On 12.04.2012 10:49, A.L.E.C wrote:
I've fixed one bug, so now the fields are editable. However, adding values doesn't work:
C: Add [dn: mail=asdasd@asd.pl,....]: Array ( [secretary] => dcsdf ) S: Invalid syntax
If I'm right, manager and secretary are fields which require DN values. So, it looks that the fix for this won't be simple. We need some autocompletion fields or sth to map name to DN.
http://trac.roundcube.net/ticket/1488421
On 12/04/12 09:49, A.L.E.C wrote:
On 12.04.2012 08:18, A.L.E.C wrote:
- is still current (but not really important): manager and assistant
fields do not work, even though they exist in program/include/rcube_contacts.php. "manager" and "assistant" don't show up after mapping them, and also cannot be added via "Add field..." at all.
I've fixed one bug, so now the fields are editable. However, adding values doesn't work:
C: Add [dn: mail=asdasd@asd.pl,....]: Array ( [secretary] => dcsdf ) S: Invalid syntax
A small bug: "department" can be added, but upon saving the new entry the field gets emptied immediately (it appears before submission of the form) *if* the value of the textarea is actually "Department". The same is actually true for all fields: enter a value that is the default ("grey") value in a field, tab to or select the next text field, and your manually entered information ("First Name", "Department", whatever) is deleted!
In svn-trunk it works if browser supports HTML5 placeholders.
I haven't been watching this thread too closely and so I could be wrong but I think some, if not most, of the issues may simply be configuration ones.
I have a working LDAP config with Round Cube and have no trouble updating or creating records.
I'm happy to share my config if it would be useful
Hello Alec:
On 12.04.2012 08:18, A.L.E.C wrote:
- [Able to add jpegPhoto and facsimileTelephoneNumber, but not able
to edit or delete them] Thank you for your suggestion Andreas (mapping phone:workfax or phone:homefax instead of just phone:fax to facsimileTelephoneNumber), but a) the file phone:fax does seems to work, and b) even changing the mapping does not make the field work as expected. Using iOS 5.1, I can add, edit and delete the jpegPhoto field. However, I can also not delete the Fax field with iOS 5.1. Both fields fail in RC with messages like this:
Trying to use the trunk version of rcube_ldap.php with 0.7.2 results in a new error when trying to delete the jpegPhoto:
[12-Apr-2012 13:19:21 +0200]: S: OK [12-Apr-2012 13:19:21 +0200]: C: Delete [dn: cn=Contact,cn=user@domain.tld,ou=private,ou=rcabook,dc=domain,dc=tld]: Array( [jpegphoto] => Array ( ..] ) ) [12-Apr-2012 13:19:21 +0200]: S: Inappropriate matching
Whenever this works, would it be possible to use the same "special treatment" for facsimilePhone?
Thanks, Achim
Hello f3isar:
On 12.04.2012 11:09, f3isar wrote:
I haven't been watching this thread too closely and so I could be wrong but I think some, if not most, of the issues may simply be configuration ones.
Correct, there are now only 2 issues remaining, and they do seem to be code-related.
I have a working LDAP config with Round Cube and have no trouble updating or creating records.
I'm happy to share my config if it would be useful
That would be great, so that we can compare with the configuration I posted, and as a result Andreas could perhaps include a "best practice" selection on the wiki page for LDAP?
Best regards, Achim
I forgot one thing:
On 12.04.2012 08:18, A.L.E.C wrote:
Editing contacts with a jpegPhoto now works by the way: thank you very much!
It is just the photo functionality like editing or removing that still seems broken.
Best regards, Achim
Den 2012-04-10 03:11, Achim skrev:
Now there are only 5 issues remaining ;-)
only ?
well i like to know how its setup in gui clients
how can it be sure that it works with other clients then roundcube ?
does all clients use common ldiff layout no matter what gui is used ?
lastly what clients are known to work with roundcube address book ?
On 12/04/12 12:31, Achim wrote:
Hello f3isar:
On 12.04.2012 11:09, f3isar wrote:
I haven't been watching this thread too closely and so I could be wrong but I think some, if not most, of the issues may simply be configuration ones.
Correct, there are now only 2 issues remaining, and they do seem to be code-related.
I have a working LDAP config with Round Cube and have no trouble updating or creating records.
I'm happy to share my config if it would be useful
That would be great, so that we can compare with the configuration I posted, and as a result Andreas could perhaps include a "best practice" selection on the wiki page for LDAP?
Best regards, Achim _______________________________________________ Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users
Here you go, my ldap config:
$rcmail_config['ldap_public']['Private'] = array( 'name' => 'Private Address Book', // Replacement variables supported in host names: // %h - user's IMAP hostname // %n - http hostname ($_SERVER['SERVER_NAME']) // %d - domain (http hostname without the first part) // %z - IMAP domain (IMAP hostname without the first part) // For example %n = mail.domain.tld, %d = domain.tld 'hosts' => array('mail.example.net'), 'port' => 389, 'use_tls' => true, 'ldap_version' => 3, // using LDAPv3 'user_specific' => true, // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login. // %fu - The full username provided, assumes the username is an email // address, uses the username_domain value if not an email address. // %u - The username prior to the '@'. // %d - The domain name after the '@'. // %dc - The domain name hierarchal string e.g. "dc=test,dc=domain,dc=com" // %dn - DN found by ldap search when search_filter/search_base_dn are used 'base_dn' => 'ou=Address Book,cn=%fu,%dc', 'bind_dn' => 'cn=%fu,%dc', 'bind_pass' => '', // It's possible to bind for an individual address book // The login name is used to search for the DN to bind with 'search_base_dn' => '', 'search_filter' => '', // e.g. '(&(objectClass=posixAccount)(uid=%u))' // DN and password to bind as before searching for bind DN, if anonymous search is not allowed 'search_bind_dn' => '', 'search_bind_pw' => '', // Default for %dn variable if search doesn't return DN value 'search_dn_default' => '', // Optional authentication identifier to be used as SASL authorization proxy // bind_dn need to be empty 'auth_cid' => '', // SASL authentication method (for proxy auth), e.g. DIGEST-MD5 'auth_method' => '', // Indicates if the addressbook shall be hidden from the list. // With this option enabled you can still search/view contacts. 'hidden' => false, // Indicates if the addressbook shall not list contacts but only allows searching. 'searchonly' => false, // Indicates if we can write to the LDAP directory or not. // If writable is true then these fields need to be populated: // LDAP_Object_Classes, required_fields, LDAP_rdn 'writable' => true, // To create a new contact these are the object classes to specify // (or any other classes you wish to use). 'LDAP_Object_Classes' => array("top", "person", "inetOrgPerson", "organizationalPerson", "evolutionPerson"), // The RDN field that is used for new entries, this field needs // to be one of the search_fields, the base of base_dn is appended // to the RDN to insert into the LDAP directory. 'LDAP_rdn' => 'cn', // The required fields needed to build a new contact as required by // the object classes (can include additional fields not required by the object classes). 'required_fields' => array("cn", "sn"), 'search_fields' => array('cn'), // mapping of contact fields to directory attributes 'fieldmap' => array( // Roundcube => LDAP
// Main information
'firstname' => 'gn',
'jobtitle' => 'businessRole',
'name' => 'cn',
'organization' => 'o',
//'photo' => 'jpegPhoto',
'prefix' => 'title',
'surname' => 'sn',
// Contact Properties
'email' => 'mail',
'phone:home' => 'homePhone',
'phone:work' => 'telephoneNumber',
'phone:mobile' => 'mobile',
// Work address
'address:work' => 'street',
//'zipcode:work' => 'postalCode',
//'locality:work' => 'l',
// Home address
'address:home' => 'homePostalAddress',
//'zipcode:home' => 'postalAddress',
//'locality:home' => 'otherPostalAddress',
//'region:home' => 'st',
//'country:home' => 'co',
'website' => 'labeledURI',
// Personal information tab
'anniversary' => 'anniversary',
'birthday' => 'birthDate',
'manager' => 'managerName',
'spouse' => 'spouseName',
// Notes tab
'notes' => 'note',
), 'sort' => 'cn', // The field to sort the listing by. 'scope' => 'one', // search mode: sub|base|list 'filter' => '(objectClass=evolutionPerson)', // used for basic listing (if not empty) and will be &'d with search queries. example: status=act 'fuzzy_search' => true, 'vlv' => false, // Enable Virtual List View to more efficiently fetch paginated data (if server supports it) 'numsub_filter' => '(objectClass=organizationalUnit)', // with VLV, we also use numSubOrdinates to query the total number of records. Set this filter to get all numSubOrdinates attributes for counting 'sizelimit' => '0', 'timelimit' => '0', 'referrals' => true|false, // Sets the LDAP_OPT_REFERRALS option. Mostly used in multi-domain Active Directory setups
// definition for contact groups (uncomment if no groups are supported) // for the groups base_dn, the user replacements %fu, %u, $d and %dc work as for base_dn (see above) // if the groups base_dn is empty, the contact base_dn is used for the groups as well // -> in this case, assure that groups and contacts are separated due to the concernig filters! 'groups' => array( 'base_dn' => 'ou=Groups,cn=%fu,%dc', 'filter' => '(objectClass=groupOfNames)', 'object_classes' => array("top", "groupOfNames"), 'member_attr' => 'member', // name of the member attribute, e.g. uniqueMember 'name_attr' => 'cn', // attribute to be used as group name ), );
// An ordered array of the ids of the addressbooks that should be searched // when populating address autocomplete fields server-side. ex: array('sql','Verisign'); $rcmail_config['autocomplete_addressbooks'] = array('Private');
// The minimum number of characters required to be typed in an autocomplete field // before address books will be searched. Most useful for LDAP directories that // may need to do lengthy results building given overly-broad searches $rcmail_config['autocomplete_min_length'] = 3;
// Number of parallel autocomplete requests. // If there's more than one address book, n parallel (async) requests will be created, // where each request will search in one address book. By default (0), all address // books are searched in one request. $rcmail_config['autocomplete_threads'] = 0;
// Max. numer of entries in autocomplete popup. Default: 15. $rcmail_config['autocomplete_max'] = 15;
// show address fields in this order // available placeholders: {street}, {locality}, {zipcode}, {country}, {region} $rcmail_config['address_template'] = '{street}<br/>{locality} {zipcode}<br/>{country} {region}';
// Matching mode for addressbook search (including autocompletion) // 0 - partial (*abc*), default // 1 - strict (abc) // 2 - prefix (abc*) // Note: For LDAP sources fuzzy_search must be enabled to use 'partial' or 'prefix' mode $rcmail_config['addressbook_search_mode'] = 0;
Hello f3isar:
On 15.04.2012 09:48, f3isar wrote:
Here you go, my ldap config: [..]
Thanks for sharing: would you mind also sharing the OpenLDAP configuration and scripts that you use (e.g, what schemas to include, how to create the individual users, etc?)
In additition: Do you also offer a public (per-domain) address book?
Thank you in advance, Achim