[turba] Re: LDAP scope

Craig White craigwhite at azapple.com
Sun Feb 20 18:03:44 PST 2005 

On Sun, 2005-02-20 at 19:21 -0600, Edwin L. Culp wrote:
> Quoting Craig White <craigwhite at azapple.com>:
> 
> > Am getting serious now about setup.
> >
> > I have 3 different LDAP Address Books set up.
> >
> > One of them is the Users themselves which is the base for all
> > posix/samba attributes and I also put individual users personal address
> > books into an ou inside their attributes...
> >
> > i.e.
> >
> > uid=Administrator,ou=People,dc=azapple,dc=com
> >
> > in horde/turba/config/sources.php, this is represented as...
> > $cfgSources['base_ldap'] = array(
> >     'title' => _("Employee Directory"),
> >
> > Then this user would have his own personal address book...
> >
> > ou=AddressBook,uid=Administrator,ou=People,dc=azapple,dc=com
> >
> > in horde/turba/config/sources.php, this is represented as...
> > $cfgSources['personal_ldap'] = array(
> >     'title' => _("My LDAP Addressbook"),
> >
> > so far so good. But a listing of the first one - the base_ldap also
> > shows entries that are in people's personal address books (not good).
> >
> > so I wanted to restrict the 'scope' and not use sub but rather
> > one/onelevel but that isn't working...
> >
> > i.e. - back to the base_ldap...
> >
> > $basedn = 'dc=azapple,dc=com';
> > $cfgSources['base_ldap'] = array(
> >     'title' => _("Employee Directory"),
> >     'type' => 'ldap',
> >     'params' => array(
> >         'server' => 'localhost',
> >         'port' => 389,
> >         'tls' => false,
> >         'root' => 'ou=People,dc=azapple,dc=com',
> >         'bind_dn' => 'uid=' . $uid . ',ou=People,' . $basedn,
> >         'bind_password' => Auth::getCredential('password'),
> >         'sizelimit' => 200,
> >         'dn' => array('uid'),
> >         'objectclass' => array('top',
> >                                'person',
> >                                'organizationalPerson',
> >                                'inetOrgPerson',
> >                                'calEntry'),
> >         'charset' => 'iso-8859-1',
> >         'checkrequired' => false,
> >         'checkrequired_string' => ' ',
> >         'version' => 3,
> >         'scope' => 'one'
> >     ),
> >
> > Any suggestions how how to limit this search? Is scope not the proper
> > keyword?
> 
> Maybe change your root and/or add a filter should do it.
> 
> example for
>    $cfgSources['corporativo'] = array(
> my root is
>    'root' => 'ou=people,o=mydomain.org',
> and I use
>    'filter' => 'mail=' . '*@' . $vdomain,
> That searches all users [employees] from all companies and displays only the
> ones who have an email from their domain.
> 
> I do something similar in my other addressbooks that very from 2 to 6 usually.
----
I would rather move my user address books to an entirely different
contain than do that as sub searching even with additional restrictions
on the filters is if nothing else a waste of time/resources and not
necessary.

a quick search of horde/turba/lib/Driver/ldap.php doesn't reveal
anything like a scope option which confuses me - as scopes are one of
the basic elements of ldapsearch functions.

I guess I'm missing something basic here.

Craig

More information about the turba mailing list