On 08/07/15 14:48, "Hugo" <m...@hugo.ro> wrote:
>you have to define two LDAP connections, one for the login auth, which >should be as it is now (filter unchanged), with: > > canAuthenticate = YES; > isAddressBook = NO; > >and another one for the address book only, where you set: > > canAuthenticate = NO; > isAddressBook = YES; > > >--->8--- >follow the documentation: >The filter to use for LDAP queries, it should be >defined as an EOQualifier. The following opera- >tors are supported: ><> – inequality operator >= – equality operator >Multiple qualifiers can be joined by using OR and AND, >they can also be grouped together by >using parenthesis. Attribute values should be >quoted to avoid unexpected behaviour. >For example: >filter = "(objectClass='mailUser' OR objectClass='mailGroup') AND >accountStatus='active' AND uid <> 'alice'"; >---8<--- > >that means, the filter for the address book should be something like this: >filter = "objectClass=mailUser AND accountStatus=active AND >enabledService=mail AND uid <> 'alice' AND uid <> 'bob'"; > >you have to substitute 'alice' and 'bob' with the UID of your LDAP users >to be hidden. > >regards, >hugo.- > >On 08.07.2015 08:20, Yavuz Maşlak wrote: >> >> >> On 08/07/15 04:33, "Hugo" <m...@hugo.ro> wrote: >> >>> hi >>> maybe there's another approach, but I think you could use a filter that >>> excludes those users from the search for the address book ldap >>> connection. something like: >>> (&(objectClass=person)(mail=*)(!(mail=t...@one.not))(!(t...@neith.er))) >>> of course, transformed into the sogo config style, see the docs for >>>that >>> http://www.sogo.nu/files/docs/SOGo%20Installation%20Guide.pdf >>> >>> >>> On 07.07.2015 22:52, Yavuz Maşlak wrote: >>>> Hello >>>> >>>> I installed sogo. I use ldap for user authentication. >>>> >>>> I want some accounts to be invisible from global address book. >>>> >>>> How can i do that ? >>>> >>>> Could you give me an example ? >>>> >>>> Thanks a lot >>> -- >>> users@sogo.nu >>> https://inverse.ca/sogo/lists >> >> >> My sogo filter conf like below >> filter = "objectClass=mailUser AND accountStatus=active AND >> enabledService=mail”; >> >> If i add addition the expression you gave, filter = >>"objectClass=mailUser >> AND >> (&(objectClass=person)(mail=*)(!(mail=t...@one.not))(!(t...@neith.er))) >> AND accountStatus=active AND enabledService=mail"; >> I can not login as the SOGO my user begins not to work. So i had to >>remove >> the new expression. >> What can be the problem >> >> >-- >users@sogo.nu >https://inverse.ca/sogo/lists Ok I added second Sogo source block something like below; SOGoUserSources = ( { type = ldap; hostname = "ldap://127.0.0.1:389";; baseDN = "o=domains,dc=domain,dc=com"; bindDN = "cn=vmailadmin,dc=domain,dc=com"; bindPassword = “PASSWD"; filter = "objectClass=mailUser AND accountStatus=active AND enabledService=mail AND uid <> ‘fi...@domain.com' AND uid <> ’sec...@domain.com'"; scope = SUB; userPasswordAlgorithm = ssha; IDFieldName = mail; bindFields = (mail); CNFieldName = cn; UIDFieldName = mail; IMAPLoginFieldName = mail; SearchFieldNames = (cn, sn, displayName, telephoneNumber, mail, shadowAddress); canAuthenticate = YES; displayName = "Global Address Book"; id = ldap_auth; isAddressBook = NO; } ); SOGoUserSources = ( { type = ldap; hostname = "ldap://127.0.0.1:389";; baseDN = "o=domains,dc=domain,dc=com"; bindDN = "cn=vmailadmin,dc=domain,dc=com"; bindPassword = “PASSWD"; filter = "objectClass=mailUser AND accountStatus=active AND enabledService=mail AND uid <> ‘fi...@domain.com' AND uid <> ’sec...@domain.com'"; scope = SUB; userPasswordAlgorithm = ssha; IDFieldName = mail; bindFields = (mail); CNFieldName = cn; UIDFieldName = mail; IMAPLoginFieldName = mail; SearchFieldNames = (cn, sn, displayName, telephoneNumber, mail, shadowAddress); canAuthenticate = NO; displayName = "Global Address Book"; id = ldap_auth; isAddressBook = YES; } ); ####################### But after sogo restarted, i can not login at sogo with my self account. How can i fix it? I put down the same filter settings. How should it be? Thanks -- users@sogo.nu https://inverse.ca/sogo/lists
