[turba] Re: ldap global address book.

Neal Timm neal.timm at trillion.net
Fri Mar 4 05:57:24 PST 2005


Thanks for the response.  My problem is I can't make any changes to ldap
we are using postfixadmin for virtual hosting it it slings entries in to
some mysql tables which ldap then reads.  I can see the mysql queries
being executed the first query it does doesn't return anything but the
second query it does is exactly the same as the one from outlook express
but my guessing is that since the first one fails nothing gets returned.


-----Original Message-----
From: Craig White [mailto:craigwhite at azapple.com] 
Sent: Thursday, March 03, 2005 10:02 PM
To: turba at lists.horde.org
Subject: [turba] Re: ldap global address book.

On Thu, 2005-03-03 at 20:08 -0600, Neal Timm wrote:
> I have a global address book stored in ldap I can search entries using
> outlook express fine but with turba nothing ever gets returned.  Here
is
> a query I use via ldap search.
> 
> If someone could point me to the right variables in the sources.php I
> would appreciate it.
> 
>  
> 
> ldapsearch -x -b 'dc=domain,dc=net' '(objectclass=*)'
> 
> # extended LDIF
> 
> #
> 
> # LDAPv3
> 
> # base <dc=trillion,dc=net> with scope sub
> 
> # filter: (objectclass=*)
> 
> # requesting: ALL
> 
> #
> 
>  
> 
> # ntimm, domain.net
> 
> dn: cn=ntimm,dc=domian,dc=net
> 
> objectClass: inetOrgPerson
> 
> cn: neal
> 
> mail: ntimm at domain.net
----
My idea of ldap DIT is to have 'containers' for the various objects and
thus, I wouldn't think it a great idea to put users in the base of my
DIT.

You might consider...

ou=People,dc=domain,dc=net
ou=Groups,dc=domain,dc=net

then a dn: for ntimm would look like...

uid=ntimm,ou=People,dc=domain,dc=com
and this dn: might include attributes like
ou: top
ou: person
ou: inetOrgPerson
ou: sambaSamAccount
ou: calEntry
cn: ntimm
sn: Timm
userPassword: someencryptedpassword
sambaLMPassword: someencryptedpassword
sambaNTPassword: someencryptedpassword
sambaSID: S-1...
sambaPrimaryGroupSID: S-1...

this is all from the top of my head and I may have messed some things up
and missed some obvious required entries

of course, you are free to set things up as you wish.

the 'root' setup in turba would best be set to the root ou for your
'People' category, whatever you call it and thus, not do sub searching.

I think that trying to use applications to learn how to do ldap is too
indirect, too frustrating and at best ineffective way to learn ldap -
you need to learn to use LDAP and plan it's structure and stuff before
you try to integrate it into applications, and when you do try to
integrate it into applications, best to try simple system applications -
i.e. authentication stuff for imap, ssh etc.

Craig

-- 
Turba mailing list - Join the hunt: http://horde.org/bounties/#turba
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: turba-unsubscribe at lists.horde.org


More information about the turba mailing list