[turba] LDAP setup
Jean-Luc Wasmer
jl.horde at wasmer.ca
Sat Aug 30 05:30:15 PDT 2003
> The problem is that my user accounts are stored in /etc/passwd - and not in
> LDAP.
>
> How can I grant each user write access to his/her own address book?
> I suppose I'll have to use the "passwd" backend and somehow let slapd
> authenticate users using this. Any clues/hints on how to do this?
I'm not 100% sure, but I guess you'll have to get the SASL library and compile
LDAP with SASL.
The SASL docs say:
"/etc/passwd, via the call getpwnam(), is supported innately in the library.
Simply set the configuration option "pwcheck_method" to "passwd"."
By default, sasldb (the SASL secrets database) is used.
>
> And how do I set the ownership for each organizational unit representing an
> addressbook?
This is explained in turba/docs/LDAP :
3. Enforce ACL's to personal address books.

   Add this to your LDAP ACL so users can only see their own address book:

   Please note: this assumes that you store your users in the same LDAP
   directory. If not, modify appropriately for your setup.

     access to dn="ou=(.+), ou=personal_addressbook, dc=example, dc=com"
       by dn="uid=$1, dc=example, dc=com" write
       by * none
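
Added example (not part of the original message or of turba/docs/LDAP): a simplified Python model of how the quoted rule ties an address book to a bound DN through the $1 capture, next to an anchored variant, so you can check which bound DNs each form matches. ANCHORED_RULE, access() and all sample DNs are constructed for illustration; Python's re stands in for slapd's regex matching, and DN normalization is not modelled.

```python
import re

# The rule quoted above from turba/docs/LDAP, kept with its original spacing.
PAGE_RULE = ('ou=(.+), ou=personal_addressbook, dc=example, dc=com',
             'uid=$1, dc=example, dc=com')
# Assumed tighter variant (not from the page): both patterns anchored, and
# the owner capture cannot span more than one RDN.
ANCHORED_RULE = (
    '^(.+, )?ou=([^,]+), ou=personal_addressbook, dc=example, dc=com$',
    '^uid=$2, dc=example, dc=com$')

# Constructed sample DNs, written with the same spacing as the rule.
ENTRY = 'cn=Bob Friend, ou=alice, ou=personal_addressbook, dc=example, dc=com'
ALICE = 'uid=alice, dc=example, dc=com'
BOB = 'uid=bob, dc=example, dc=com'
NESTED = 'cn=helper, uid=alice, dc=example, dc=com'


def access(rule, target_dn, bound_dn):
    """Return 'write' or 'none' for bound_dn on target_dn under one rule."""
    what, who = rule
    m = re.search(what, target_dn, re.IGNORECASE)
    if m is None:
        return 'none'  # rule does not apply; the model grants nothing else

    # Expand $1..$9 in the "by dn=" pattern with the captured groups.
    # The captured text is escaped so it is matched literally (model choice).
    def expand(ref):
        return re.escape(m.group(int(ref.group(1))) or '')

    who_re = re.sub(r'\$(\d)', expand, who)
    if re.search(who_re, bound_dn, re.IGNORECASE):
        return 'write'
    return 'none'  # the trailing "by * none"


if __name__ == '__main__':
    for name, rule in (('page', PAGE_RULE), ('anchored', ANCHORED_RULE)):
        for who in (ALICE, BOB, NESTED):
            print(f'{name:8} {who:45} -> {access(rule, ENTRY, who)}')
```

Under this model the unanchored "by dn=" pattern also matches a bound DN that merely ends in the owner's DN, which is what the anchored variant rules out.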