[turba] Re:LDAP ADD CONTACT

eculp at encontacto.net
Wed Dec 4 18:32:22 2002


Quoting Partha <parth11@yahoo.com>:

 | Hi
 | 
 | Sorry, what I meant was I needed to add a password for
 | cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com.
 | I did ldapmodify to add the userpassword attribute; is it
 | any different than what you suggested? I see a user
 | password attribute on the list in the directory but I
 | still have the same error in my log (does not write access
 | to parent directory).

Can you now do 

ldappasswd -x -D 'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com' \
-w thePasswordYouAddedWithLdapModify -s aNewPassword \
'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com'

with success?  If I recall, the ACLs you sent previously allowed each
user to modify their entry.  If you are successful, try logging in again
and if that isn't successful please send the lines from your slapd.log
that are not "err 0" during the attempt.

Thanks,

ed

 | 
 | I did uncomment this line:
 | #'bind_password' => Auth::getCredential('password'),
 | from /home/turba/config/sources.php file
 | 
 | I am a newbie to ldap.....
 | 
 | Thanks a lot
 | 
 | Partha
 | 
 | --- eculp@encontacto.net wrote:
 | > Quoting Partha <parth11@yahoo.com>:
 | >
 | >  | Hi,
 | >  | Thanks for your patience and time. This is the first time I
 | >  | am posting, so I am not sure whether to reply to your mail id or
 | >  | to turba's list.
 | >  |
 | >  | I have directory structure:
 | >  | dc=my-domain,dc=com
 | >  |     |
 | >  |     |-ou=Personal Address book
 | >  |     |         |-ou=my-login@my-domain.com
 | >  |     |                  |-cn=james Bond
 | >  |     |
 | >  |     |-ou=people
 | >  |               |-cn=my-login@my-domain.com
 | >  |
 | >  | I do not have a password entry for ou=people; I don't
 | >  | know how to add one or modify it.
 | >  |
 | >  | My problem might be the password. How do I add a
 | >  | password and use it?
 | >
 | > If I remember correctly from your previous email, you have commented
 | > out the password for the user in your horde/turba/sources.php.
 | > I don't see why you need a password for ou=people but you do need one
 | > for
 | >
 | > cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com
 | >
 | > If you don't have one you can add it with the following command changing
 | > the example to your real values.
 | >
 | > ldappasswd -x -D 'cn=manager,dc=my-domain,dc=com' -w rootpassword \
 | >    -s YourPassword 'cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com'
 | >
 | > The above is actually one line as shown by the "\" escape char.
 | >
 | > You will then need to remove the # from the
 | >
 | > #'bind_password' => Auth::getCredential('password'),
 | >
 | > line and if we are lucky, it might just work :-)
 | >
 | > good luck,
 | >
 | > ed
 | >  |
 | >  | Thanks in advance
 | >  | Partha
 | >  |
 | >  |  | Hi All
 | >  |  | I want to use LDAP for my personal address book. I went
 | >  |  | through lot of reading material but still can't get it
 | >  |  | right.
 | >  |
 | >  | I've got a few questions below that could possibly be part of the
 | >  | problem but again they could just be typos because this may not
 | >  | be a cut and paste of your sources.php.
 | >  |
 | >  |  |
 | >  |  | I have problem adding contact to my personal address
 | >  |  | book.
 | >  |  |
 | >  |  | my sources.php looks like this--->
 | >  |  | $cn = Auth::getAuth();
 | >  |
 | >  | You are sure that the above returns the value of the directory
 | >  | attribute for cn in all cases?  CN then is what you use for
 | >  | login.
 | >  |
 | >  |  | #$temp = Auth::getCredential('password');
 | >  |  | #preg_match = ("/(^.*)@/"),$cn,$cn);
 | >  |  | #Print $cn ."-This is cn--";
 | >  |  |
 | >  |  | /**
 | >  |  |  * A local directory in an LDAP directory. This
 | >  |  |  * implements a public (shared)
 | >  |  |  * address book.
 | >  |  |  */
 | >  |  | $cfgSources['localldap'] = array(
 | >  |  |     'title' => 'Shared LDAP Directory',
 | >  |  |     'type' => 'ldap',
 | >  |  |     'params' => array(
 | >  |  |         'server' => 'localhost',
 | >  |  |         'port' => 389,
 | >  |  |         'root' => 'ou='.$cn.',ou=Personal Address Book,dc=my-domain,dc=com',
 | >  |
 | >  | How can you have a dynamic value for the above ou attribute?  That
 | >  | would mean that there is an entry in your directory something like the
 | >  | following for each user.
 | >  |
 | >  | dn: ou=user1,ou=Personal Address Book,dc=my-domain,dc=com
 | >  | ou: user1
 | >  | objectClass: top
 | >  | objectClass: organizationalUnit
 | >  |
 | >  | dn: ou=user2,ou=Personal Address Book,dc=my-domain,dc=com
 | >  | ou: user2
 | >  | objectClass: top
 | >  | objectClass: organizationalUnit
 | >  |
 | >  | Do you have that?
 | >  |
 | >  |  |         'bind_dn' => 'cn='.$cn.',ou=people,dc=my-domain,dc=com',
 | >  |
 | >  | The above would seem to be ok but I'm confused because of the # before
 | >  | bind_password.  If the password isn't present you could get "no write
 | >  | access".
 | >  | The first would/should be correct with the above line.
 | >  |
 | >  |  |         #'bind_password' => Auth::getCredential('password'),
 | >  |  |         #'bind_password' => '********',
 | >  |  |         'dn' => array('cn'),
 | >  |  |         'objectclass' => 'person',
 | >  |  |         'version' => 3
 | >  |  |     ),
 | >  |  |     'map' => array(
 | >  |  |         '__key' => 'dn',
 | >  |  |         'name' => 'cn',
 | >  |  |         'email' => 'mail',
 | >  |  |         'homePhone' => 'telephonenumber',
 | >  |  |         'workPhone' => 'workphonenumber',
 | >  |  |         'cellPhone' => 'cellphonenumber',
 | >  |  |         'homeAddress' => 'homeaddress'
 | >  |  |     ),
 | >  |  |     'search' => array(
 | >  |  |         'name',
 | >  |  |         'email',
 | >  |  |         'homePhone',
 | >  |  |         'workPhone',
 | >  |  |         'cellPhone',
 | >  |  |         'homeAddress'
 | >  |  |     ),
 | >  |  |     'strict' => array(
 | >  |  |         'dn'
 | >  |  |     ),
 | >  |  |     'public' => true,
 | >  |  |     'readonly' => false,
 | >  |  |     'admin' => array(),
 | >  |  |     'export' => true
 | >  |  | );
 | >  |  |
 | >  |  |
 | >  |  | My ACCESS CONTROL looks slapd.conf---->
 | >  |  |
 | >  |  | access to dn="ou=.*,ou=Personal Address Book,dc=desmac,dc=com"
 | >  |  | 	by * read
 | >  |  | 	by dn="cn=$1,ou=people,dc=my-domain,dc=com" write
 | >  |
 | >  | The above should work if you have actually declared each user as an
 | >  | organizationalUnit, which there is nothing wrong with, BTW.  I just
 | >  | haven't run across it before.
 | >  |
 | >  | I hope this helps you find the problem.  I could very well have
 | >  | overlooked
 | >  | other things, I'm a bit tired and not familiar with
 | >
 | === message truncated ===
 | 
 | 
 | 
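
The ACL quoted in this thread lists "by * read" before the owner's "write" clause, and it refers to $1 although the dn regex has no parenthesised group. The following Python model of slapd's first-match "by" evaluation is an added example, not part of the thread and not OpenLDAP code; it is a simplification (regex-only DN matching, dc=my-domain used throughout instead of the posted dc=desmac), and the REORDERED and FIXED rules and the someone-else user are constructed for illustration.

```python
import re

BASE = "ou=Personal Address Book,dc=my-domain,dc=com"
WHO = "cn=$%d,ou=people,dc=my-domain,dc=com"

# Each ACL: (regex for the target DN, ordered list of (who, level)).
POSTED = (r"ou=.*," + BASE, [("*", "read"), (WHO % 1, "write")])
REORDERED = (r"ou=.*," + BASE, [(WHO % 1, "write"), ("*", "read")])
# Constructed correction: capture the owner's ou, put the owner clause first.
FIXED = (r"(.+,)?ou=([^,]+)," + BASE, [(WHO % 2, "write"), ("*", "read")])

# Constructed sample DNs based on the directory tree shown in the thread.
OWNER = "cn=my-login@my-domain.com,ou=people,dc=my-domain,dc=com"
OTHER = "cn=someone-else@my-domain.com,ou=people,dc=my-domain,dc=com"
PARENT = "ou=my-login@my-domain.com," + BASE   # entry that receives new contacts
CHILD = "cn=james Bond," + PARENT


def expand(who, match):
    """Substitute $N in a <who> pattern with the N-th group of the target match."""
    def sub(ref):
        n = int(ref.group(1))
        text = match.group(n) if n <= match.re.groups else None
        return re.escape(text or "")  # no such capture: empty in this model
    return re.sub(r"\$(\d)", sub, who)


def evaluate(acl, target_dn, bind_dn):
    """Return the level granted to bind_dn on target_dn (simplified model)."""
    what, by_clauses = acl
    match = re.fullmatch(what, target_dn, re.IGNORECASE)
    if match is None:
        return "none"
    for who, level in by_clauses:
        if who == "*" or re.fullmatch(expand(who, match), bind_dn, re.IGNORECASE):
            return level  # the first matching clause wins; later ones are ignored
    return "none"


if __name__ == "__main__":
    for name, acl in (("posted", POSTED), ("reordered", REORDERED), ("fixed", FIXED)):
        print(name, "owner on parent:", evaluate(acl, PARENT, OWNER),
              "| other on parent:", evaluate(acl, PARENT, OTHER))
```

Adding a contact needs write access on the parent entry, which is why the owner's result for PARENT is the value to watch.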

