[turba] IMP ldap prefs/Turba personal ldap addresses

Gary C. New garycnew at yahoo.com
Fri Dec 6 00:26:08 2002


Lee,

Thank you very much for the excellent sample
information, especially the ACLs.  I believe I have a
better understanding now how Horde/IMP/Turba work with
ldap, now.

I have a couple of follow-up questions I would like to
ask you:

1.  Was a ldif file required when creating the new
ldap directory.  Do you have a sample of it?

2.  What attributes did you index with the new
directory in your slapd.conf file?

3.  What is required in just getting the horde prefs
working with ldap (I figured I'd get the prefs working
before going on to the personal addresses).

4.  Do you have any experience with the patch
suggested @
http://cvs.horde.org/co.php/turba/docs/LDAP

5.  These are the errors I am currently getting when
trying to login to IMP with the ldap errors (I
corrected my horde.php settings per your sample, but
it doesn't look like the new directory is being
initialized or populated):

IMP:
Warning: LDAP: Unable to perform the search: No such
object in /home/sites/www/horde/lib/Prefs/ldap.php on
line 292

Warning: LDAP: modify operation could not be
completed. in /home/sites/www/horde/lib/Prefs/ldap.php
on line 415

Warning: Cannot add header information - headers
already sent by (output started at
/home/sites/www/horde/lib/Prefs/ldap.php:292) in
/home/sites/www/horde/imp/redirect.php on line 84

LDAP:
Dec  5 17:07:04 mail slapd[5150]: conn=594 op=0 BIND
dn="UID=TEST@EXAMPLE.ORG,DC=WEBMAIL,DC=EXAMPLE,DC=ORG"
method=128 
Dec  5 17:07:04 mail slapd[5150]: conn=594 op=0 RESULT
tag=97 err=49 text= 
Dec  5 17:07:04 mail slapd[5145]: conn=594 op=1 SRCH
base="dc=webmail,dc=example,dc=org" scope=2
filter="(uid=test@example.org)" 
Dec  5 17:07:04 mail slapd[5145]: conn=594 op=1 RESULT
tag=101 err=32 text= 
Dec  5 17:07:04 mail slapd[5147]: conn=594 op=2 MOD
dn="uid=test@example.org,dc=webmail,dc=example,dc=org"

Dec  5 17:07:04 mail slapd[5147]: conn=594 op=2 RESULT
tag=103 err=32 text=

Thanks again for your assistance.

Respectfully,


Gary


--- Lee <lee@disinfo.com> wrote:
> I have a full ldap/turba implementation. Heres the
> requisite info:
> 
> turba/config/sources.php:
> 
> $vdomain = strtolower(preg_replace('|^mail\.|i', '',
>  
> $_SERVER['HTTP_HOST']));
> $usermail=Auth::getAuth();
> $uid = preg_replace('|@.*|i', '', $usermail);
> $pass=Auth::getCredential('password');
> 
> /*      PRIVATE ADDRESS BOOK      */
> 
> $cfgSources['private'] = array(
>         'title' => 'Personal Addressbook for ' .
> $uid,
>         'type' => 'ldap',
> 
>         'params' => array(
>             'server' => 'ldap.ourcompany.com',
>             'port' => 389,
>             'root' => 'ou=addressbook,uid=' . $uid. 
> 
> ',ou=users,dc=ourcompany,dc=com',
> 
>             /*BIND AS USER NOT AS ROOT    */
> 
>             'bind_dn' => 'uid=' . $uid .  
> ',ou=users,dc=ourcompany,dc=com',
>             'bind_password' => $pass,
>             'dn' => array('cn'),
>             'objectclass' => array(
> 'addressBookEntry' ),
>             'encoding' => 'utf8',
>             'version' => 3,
>             'filter' =>  ''
>         ),
> 
>         'map' => array(
>             '__key' => 'dn',
>             'name' => 'cn',
>             'email' => 'mail',
>             'homePhone' => 'homephone',
>             'workPhone' => 'telephonenumber',
>             'cellPhone' => 'mobile',
>             'homeAddress' => 'postaladdress',
>             'notes' => 'description'
>         ),
> 
>         'search' => array(
>             'name',
>             'email',
>             'homePhone',
>             'workPhone',
>             'cellPhone',
>             'homeAddress',
>             'notes'
>             ),
> 
>         'strict' => array(
>             'dn'
>             ),
> 
>         'public' => true,
>         'readonly' => false,
>         'admin' => array(),
>         'export' => true
>         );
> 
> 
> turba/config/attributes:
> 
> $attributes['name'] = array(
>      'type' => 'text',
>      'desc' => _("Name")
> );
> $attributes['alias'] = array(
>      'type' => 'text',
>      'desc' => _("Alias")
> );
> $attributes['email'] = array(
>      'type' => 'email',
>      'desc' => _("Email")
> );
> $attributes['title'] = array(
>      'type' => 'text',
>      'desc' => _("Title")
> );
> $attributes['company'] = array(
>      'type' => 'text',
>      'desc' => _("Company")
> );
> $attributes['homeAddress'] = array(
>      'type' => 'multiline',
>      'desc' => _("Home Address")
> );
> $attributes['workAddress'] = array(
>      'type' => 'multiline',
>      'desc' => _("Work Address")
> );
> $attributes['homePhone'] = array(
>      'type' => 'phone',
>      'desc' => _("Home Phone")
> );
> $attributes['workPhone'] = array(
>      'type' => 'phone',
>      'desc' => _("Work Phone")
> );
> $attributes['cellPhone'] = array(
>      'type' => 'phone',
>      'desc' => _("Cell Phone")
> );
> $attributes['fax'] = array(
>      'type' => 'phone',
>      'desc' => _("Fax")
> );
> $attributes['notes'] = array(
>      'type' => 'multiline',
>      'desc' => _("Notes")
> );
> 
> 
> horder/config/horde.php:
> 
> /**
>   ** Preference System Settings
>   **/
> 
> // What preferences driver should we use? Valid
> values are 'none'
> // (meaning use system defaults and don't save any
> user preferences),
> // 'session' (preferences only persist during the
> login), 'ldap',
> // and 'sql'.
> $conf['prefs']['driver'] = 'ldap';
> 
> // Any parameters that the preferences driver needs.
> This includes
> // database or ldap server, username/password to
> connect with, etc.
> $conf['prefs']['params'] = array();
> 
> // This is an example configuration for an LDAP
> preference backend.
> // The schemas needed for ldap are in
> horde/scripts/ldap.  For more
> // information see sources and comments in
> horde/lib/Prefs/ldap.php.
> $conf['prefs']['driver'] = 'ldap';
> $conf['prefs']['params']['hostspec'] =
> 'ldap.ourcompany.com';
> $conf['prefs']['params']['port'] = '389';
> $conf['prefs']['params']['basedn'] =
> 'ou=users,dc=ourcompany,dc=com';
> $conf['prefs']['params']['uid'] = 'uid';
> 
> slapd.conf - ACLS:
> 
> # Define global ACLs to disable default read access.
> defaultaccess none
> 
> access to
>
dn=".*ou=addressbook,(uid=.+),ou=users,dc=ourcompany,dc=com"
>         by dn="$1,ou=users,dc=ourcompany,dc=com"
> write
>         by anonymous auth
>         by * none
> 
> access to *  
>
attr=userPassword,cn,sn,givenName,hordePrefs,impPrefs,turbaPrefs,kronoli
> 
> thPrefs
>              by self write
>              by * auth
> 
> access to * by self read
>              by * auth
> 
> 
> Schema - We created an auxiliary objectclass with
> the horde attributes  
> that we add to inetOrgPerson to make our full user
> accounts. You can do  
> this yourself, or you can just make your
> useraccounts hordePerson. (FYI  
> not using our real oids below, so I wouldnt copy it.
> You can get oids  
> free online if you need to create your own schema).
> Likewise we created  
> our own addressbook objectclass. Once again you can
> use a standard  
> person, inetOrgPerson or whatever if you dont want
> to have to create  
> your own. Just make sure you tell change turba's
> sources:map  
> accordingly.
> 
> objectclass ( 1.3.6.1.4.1.0.0.00
>          NAME 'companyEmailService'
>          DESC 'Attributes to Store User Preferences'
>          SUP top AUXILIARY
>          MAY ( emailServiceId $
> emailServiceTransactionId $
>                routingEmailAddress $
> publicEmailAddress $
>                emailServiceMailstoreAddress $ mail $
>                hordePrefs $ impPrefs $ turbaPrefs $
> gollemPrefs $  
> kronolithPrefs $
>                mnemoPrefs $ trollPrefs $ nagPrefs )
>          )
> 
> objectclass ( 1.3.6.1.4.1.0.0.00
>          NAME 'addressBookEntry'
>          DESC 'Addressbook Attributes'
>          SUP top
>          STRUCTURAL
>          MUST cn
>          MAY ( mail $ cn $ homePhone $
> telephoneNumber $
>                mobile $ postalAddress $ description
> )
>          )
> 
> 
> Our ldap is set up as follows:
> 
> dc=ourcompany,dc=com
> |
> ou=users
> |
> uid=someuseruid
> objectclass: top
> objectclass: ....
> objectclass: inetOrgPerson
> objectclass: companyEmailService
> ....
> hordePrefs
> impPrefs
> .....
> |
> ou=addressbook
> |
> cn=personname
> objectclass: addressBookEntry
> ....
> 
> Sincerely,
> Lee
> 
> 
> 
> On Thursday, December 5, 2002, at 10:32 AM, Partha
> wrote:
> 
> > Hi ,
> > I am in same boat as you.I too need the same
> > configuration.I did try with that bits and pieces
> but
> > not to the compeltion.I am giving it a rest untill
> > week end and then try it again :-) .
> >
> > Please post some bits and pieces if get it
> running.
> >
> > Thanks in advance
> > Partha
> >
> > --- "Gary C. New" <garycnew@yahoo.com> wrote:
> >> I am attempting to install and configure
> IMP/Turba
> >> completely with ldap prefs and personal
> addresses.
> >> I've been able to find several bits and pieces of
> >> info
> >> regarding the topic, but I still seem to be
> missing
> >> some key parts.
> >>
> >> Has anyone on this list been successful in a full
> >> IMP/Turba ldap installation?  Can you point me to
> >> some
> >> more complete documentation configuring IMP/Turba
> >> with
> >> ldap?
> >>
> >> I would especially appreciate sample slapd.conf
> and
> >> horde.php files.
> >>
> >> Respectfully,
> >>
> >>
> >> Gary
> >>
> >>
> __________________________________________________
> >> Do you Yahoo!?
> >> Yahoo! Mail Plus - Powerful. Affordable. Sign up
> >> now.
> >> http://mailplus.yahoo.com
> >>
> >> -- 
> >> Turba mailing list
> >> Frequently Asked Questions: http://horde.org/faq/
> >> To unsubscribe, mail:
> > turba-unsubscribe@lists.horde.org
> >
> >
> > __________________________________________________
> > Do you Yahoo!?
> > Yahoo! Mail Plus - Powerful. Affordable. Sign up
> now.
> > http://mailplus.yahoo.com
> >
> > -- 
> > Turba mailing list
> > Frequently Asked Questions: http://horde.org/faq/
> > To unsubscribe, mail:
> turba-unsubscribe@lists.horde.org
> 
> 
> -- 
> Turba mailing list
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: turba-unsubscribe@lists.horde.org

__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com


More information about the turba mailing list