[turba] Shared address books

Craig White craigwhite at azapple.com
Sun Dec 18 19:51:05 PST 2005


On Sun, 2005-12-18 at 13:37 -0900, mbox mbarsalou wrote: 
> Is it possible to use LDAP to have shared/restricted address books?
> 
> If so, has anyone written anything on setting something up like this?
> 
> My particular goal is to have one list of contacts (whether via ldap or
> whatever source would make it possible) that I could then have
> particular users/groups only see certain contacts.
> 
> I'm not quite certain how I might accomplish this, but would willingly
> work at accomplishing this task with a kick in the right direction. :)
> 
> What are my best choices to make something like this work?
> 
----
Don't know what your best choices are, but I don't know of any way to
restrict individual entries from 1 list.

What I normally do is publish a read-only directory of the users
themselves, a shared directory which all users can read and some can
write (enforced by LDAP ACL/ACI) and have personal addressbooks which
are also enforced by LDAP ACL/ACI.

I have clipped the top of each section so you can see how I set it up in
turba/config/sources.php, and the 'restrictions' are in the LDAP ACLs
(or, in the case of Fedora Directory Server, ACIs).

### Shared Directory
$uid = Auth::getBareAuth();
$basedn = 'dc=azapple,dc=com';
$cfgSources['localldap'] = array(
    'title' => _("Shared Directory"),
    'type' => 'ldap',
    'params' => array(
        'server' => 'localhost',
        'port' => 389,
        'tls' => false,
        'root' => 'ou=AddressBook,dc=azapple,dc=com',
        'bind_dn' => 'uid=' . $uid . ',ou=People,' . $basedn,
        'bind_password' => Auth::getCredential('password'),

### Employee Directory
$uid = Auth::getBareAuth();
$basedn = 'dc=azapple,dc=com';
$cfgSources['base_ldap'] = array(
    'title' => _("Employee Directory"),
    'type' => 'ldap',
    'params' => array(
        'server' => 'localhost',
        'port' => 389,
        'tls' => false,
        'root' => 'ou=People,dc=azapple,dc=com',
        'bind_dn' => 'uid=' . $uid . ',ou=People,' . $basedn,
        'bind_password' => Auth::getCredential('password'),

### Personal LDAP
$uid = Auth::getBareAuth();
$basedn = 'dc=azapple,dc=com';
$cfgSources['personal_ldap'] = array(
    'title' => _("My LDAP Addressbook"),
    'type' => 'ldap',
    'params' => array(
        'server' => 'localhost',
        'tls' => false,
        'root' => 'ou=AddressBook,uid=' . $uid . ',ou=People,' . $basedn,
        'bind_dn' => 'uid=' . $uid . ',ou=People,' . $basedn,
        'bind_password' => Auth::getCredential('password'),

HTH

Craig
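
The message leaves the server-side restrictions out. The block below is an added example, not part of the original post or Craig's configuration: one way to write the three-tier scheme as OpenLDAP slapd.conf access rules. It assumes OpenLDAP rather than Fedora Directory Server, and the editors group cn=abeditors,ou=Groups is a hypothetical name.

```conf
# slapd.conf access rules (OpenLDAP syntax). Added example, not the poster's config.
# slapd applies the FIRST "access to" clause whose target matches an entry,
# so the narrower targets must appear before the ou=People subtree rule.

# 1. Passwords: owner may change, anonymous may only authenticate against them.
access to attrs=userPassword
    by self write
    by anonymous auth
    by * none

# 2. Personal address books: ou=AddressBook,uid=<user>,ou=People,...
#    $2 is the owner's DN captured from the target; only that DN gets
#    access, and nobody else can even read the subtree.
access to dn.regex="^(.+,)?ou=AddressBook,(uid=[^,]+,ou=People,dc=azapple,dc=com)$"
    by dn.exact,expand="$2" write
    by * none

# 3. Shared Directory: all authenticated users read, editors group writes.
#    cn=abeditors,ou=Groups,... is a hypothetical groupOfNames entry.
access to dn.subtree="ou=AddressBook,dc=azapple,dc=com"
    by group.exact="cn=abeditors,ou=Groups,dc=azapple,dc=com" write
    by users read
    by * none

# 4. Employee Directory: read-only for authenticated users.
#    "anonymous auth" lets users bind as uid=...,ou=People,... (a bind needs
#    auth access on the entry as well as on userPassword).
access to dn.subtree="ou=People,dc=azapple,dc=com"
    by users read
    by anonymous auth
    by * none

# Anything not matched above falls through to slapd's implicit deny.
```

Because Turba binds as the logged-in user (the bind_dn lines above), these rules are evaluated per user. slapacl(8) can check a given bind DN against a target DN before the rules go live.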


