Re: openldap + kmail

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


On Wed, 2008-04-23 at 22:09 +0100, Timothy Murphy wrote:
> Craig White wrote:
> >> Is anyone successfully using openldap to maintain an address book?
> > ----
> > sure - lots of them
> I've seen many discussions of this,
> but never seen an actual example of an ldap address book
> working with KDE kontact/kaddressbook.
the client (in your Kaddressbook/Kontact) is probably the meaningless
part because OpenLDAP provides LDAPv3 services to any LDAPv3 client (v2
is possible too but not allowed by default).
> >> As far as I can see, if you save kaddressbook data in LDIF format,
> >> the resulting file has to be extensively modified
> >> before it becomes acceptable to openldap.
> >> 
> >> Eg the DN of a typical entry in the LDIF file reads
> >>         dn: cn=Andrew Ryan,[email protected]
> >> which openldap certainly will not like.
> > ----
> > it's not openldap that *wouldn't like this* - it's that there is nothing
> > that says that an ldif file that program X creates in an 'export'
> > operation will match up to the restrictions imposed by your LDAP
> > setup...which is generally the case.
> I'm no expert in openldap,
> but I don't see why kaddressbook doesn't use the LDAP DN
> specified in the KAddressBook->LDAP Lookup 
> when creating the LDIF.
> Or at least it could ask you what DNs you want to use.
I suppose that you could put in an RFE
> > all you need to do is to figure out a way to edit (sed/awk/perl/?) this
> > ldif in a way that matches your setup so that you can import these
> > things without a problem.
> > 
> > for example...
> > while this isn't likely to work...
> >   dn: cn=Andrew Ryan,[email protected]
> > this could conceivably work...
> >   dn: cn=Andrew
> > Ryan,[email protected],ou=AddressBook,dc=gayleard,dc=org
> That's more or less exactly what I do.
> But I don't think it should be necessary.
LDAP's entirely rigid about this too.
> >> What puzzles me about this is that the issue must be one
> >> which occurs to many people.
> >> How is one meant to keep a "global" address book under Fedora?
> > Well, since Kmail is a 'write' capapble LDAP client, it is possible to
> > simply create an empty LDAP 'organizationalUnit' for an address book and
> > add entries directly via Kaddressbook. This of course insists that you
> > comport with specific rules such as entries that absolutely require an
> > 'sn' attribute (last name), etc.
> Is it possible to do that?
> Could you be a bit more specific please?
> I thought one needed to include the host 
> (ou=People,dc=www,dc=xyz,dc=com in my case)?
OK, say you have slapd.conf
and in the database section, you have...

database        bdb
suffix          "dc=www,dc=xyz,dc=com"

and in your ACL's, you have something like

access to dn.subtree="dc=www,dc=xyz,dc=com"
        by * write
access to dn.subtree="ou=People,dc=www,dc=xyz,dc=com"
        by * write
access to dn.subtree="ou=AddressBook,ou=People,dc=www,dc=xyz,dc=com"
        by * write

you're pretty much good to go.

Now, import a simple little ldif that creates the AddressBook ou

dn: ou=People,dc=www,dc=xyz,dc=com
objectClass: organizationalUnit
ou: People

dn: ou=AddressBook,ou=People,dc=www,dc=xyz,dc=com
objectClass: organizationalUnit
ou: AddressBook

import it and you're good to go

Why do I get the feeling that you never bought the Gerald Carter book I
told you to buy?


fedora-list mailing list
[email protected]
To unsubscribe:

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux