Hi Roundcube experts!
We've got an ldap structure like this one
{{{
dc=tld,dc=dn,ou=people,ou=company,uid=foo
dc=tld,dc=dn,ou=people,ou=contacts,ou=foo,cn=foocontact1
dc=tld,dc=dn,ou=specialUser,cn=contactWriter
}}}
With the following roundcube configuration for contacts (company ldap is
another one), we're using this configuration:
{{{
$rcmail_config['ldap_public']['Personal'] = array(
'name' => 'Personal',
'hosts' => array('<% if @dirsrvprefix %><%= @dirsrvprefix %>.<% end
%><%= @dn %>.<%= @tld %>'),
'port' => 389,
'use_tls' => false,
'ldap_version' => 3, // using LDAPv3
'network_timeout' => 10, // The timeout (in seconds) for connect + bind
arrempts. This is only supported in PHP >= 5.3.0 with OpenLDAP 2.x
'user_specific' => false, // If true the base_dn, bind_dn and bind_pass
default to the user's IMAP login.
'base_dn' => 'ou=%u,ou=contacts,ou=people,dc=<%= @dn %>,dc=<%= @tld
%>',//
'bind_dn' => 'cn=<%= @contactSO %>,ou=Special users,dc=<%= @dn
%>,dc=<%= @tld %>',
'bind_pass' => '<%= @contactSOPwd %>',
'search_base_dn' => 'ou=%u,ou=<%= @contactOu %>,ou=people,dc=<%= @dn
%>,dc=<%= @tld %>',
'search_filter' => '(objectClass=inetOrgPerson)', (uid=%u))'
'search_bind_dn' => 'cn=<%= @contactSO %>,ou=Special users,dc=<%= @dn
%>,dc=<%= @tld %>',
'search_bind_pw' => '<%= @contactSOPwd %>',
'hidden' => false,
'searchonly' => false,
'writable' => true,
'LDAP_Object_Classes' => array('top',
'person','organizationalPerson','inetOrgPerson'),
'LDAP_rdn' => 'cn',
'required_fields' => array('cn', 'sn', 'mail'),
'search_fields' => array('mail', 'sn', 'cn'), // fields to search in
'fieldmap' => array(
'name' => 'givenName',
'surname' => 'sn',
'firstname' => 'cn',
'email' => 'mail',
),
),
'sort' => 'cn', // The field to sort the listing by.
'scope' => 'sub', // search mode: sub|base|list
'filter' => '(objectClass=inetOrgPerson)', // used for basic
listing (if not empty) and will be &'d with search queries. example:
status=act
'fuzzy_search' => true, // server allows wildcard search
'vlv' => false, // Enable Virtual List View to more efficiently
fetch paginated data (if server supports it)
'sizelimit' => '0', // Enables you to limit the count of entries
fetched. Setting this to 0 means no limit.
'timelimit' => '0', // Sets the number of seconds how long is spend
on the search. Setting this to 0 means no limit.
'referrals' => false,
);
}}}
With this configuration, we'll hope that creating a new 'foocontact1' via
the GUI while logging with 'foo' would add it as
dc=tld,dc=dn,ou=people,ou=contacts,ou=foo,cn=foocontact1, and that search
for this user will only resolve entries that are located in
dc=tld,dc=dn,ou=people,ou=contacts,ou=foo
Unfortunately, using roundcube V 0.9.5-1.fc19 , entries are not created,
and the log seems to show that
{{{
%u
}}}
doesn't seem to be resolved while adding or searching:
{{{
[12-Apr-2015 17:28:44 +0000]: S: OK
[12-Apr-2015 17:28:44 +0000]: C: Bind [dn:
cn=roundcubeContactsWriter,ou=Special Users,dc=osgiliath.is-a-chef,dc=net]
[pass: MyUltraProtectedRouncubeLdapContactsPassword]
[12-Apr-2015 17:28:44 +0000]: S: OK
[12-Apr-2015 17:28:44 +0000]: C: Close
[12-Apr-2015 17:28:51 +0000]: C: Connect [
contacts.osgiliath.is-a-chef.net:389] [Personal]
[12-Apr-2015 17:28:51 +0000]: S: OK
[12-Apr-2015 17:28:51 +0000]: C: Bind [dn:
cn=roundcubeContactsWriter,ou=Special Users,dc=osgiliath.is-a-chef,dc=net]
[pass: MyUltraProtectedRouncubeLdapContactsPassword]
[12-Apr-2015 17:28:51 +0000]: S: OK
[12-Apr-2015 17:28:51 +0000]: C: Search
[(&(objectClass=inetOrgPerson)(|([email protected])))][dn:
ou=%u,ou=contacts,ou=people,dc=osgiliath.is-a-chef,dc=net]
[12-Apr-2015 17:28:51 +0000]: S: No such object
[12-Apr-2015 17:28:51 +0000]: C: Search
[(&(objectClass=inetOrgPerson)(|([email protected])))][dn:
ou=%u,ou=contacts,ou=people,dc=osgiliath.is-a-chef,dc=net]
[12-Apr-2015 17:28:51 +0000]: S: No such object
[12-Apr-2015 17:28:51 +0000]: C: Add [dn:
cn=aa,ou=%u,ou=contacts,ou=people,dc=osgiliath.is-a-chef,dc=net]: Array
(
[givenname] => aa aa
[sn] => aa
[cn] => aa
[mail] => [email protected]
[objectClass] => Array
(
[0] => top
[1] => person
[2] => organizationalPerson
[3] => inetOrgPerson
)
)
}}}
Regards,
--
Charlie Mordant
Full OSGI/EE stack made with Karaf:
https://github.com/OsgiliathEnterprise/net.osgiliath.parent
_______________________________________________
Roundcube Users mailing list
[email protected]
http://lists.roundcube.net/mailman/listinfo/users
