1

Topic: LDAP addressbook per user

Hello,

Did anyone did LDAP adressbook per user with iRedMail. I am trying since 2 days without results. Is there any official howto? I am trying since 2 days but have problem with authorization.

I would greatly appreciate any help on that subject.

2

Re: LDAP addressbook per user

It works. What is problem ?

3

Re: LDAP addressbook per user

LDAP is new for me... I would like to configure the clients to have their own addressbooks... do you have any howto... I added a new ou where the adressbooks should be stored, but can't get it to work sad ... I've added to sldap.conf something like that : (with my dc domain of course)

access to dn.regex="ou=AddressBook,domainName=([^,]+),dc=domain,dc=tld"
by anonymous auth
by self write
by dn.exact="cn=vmail,dc=domain,dc=tld" read
by dn.exact="cn=vmailadmin,dc=domain,dc=tld" write
by dn.regex="mail=[^,]+@$1,ou=domainAdmins,dc=domain,dc=tld" write
by dn.regex="mail=[^,]+@$1,ou=Users,domainName=$1,o=domains,dc=domain,dc=tld" write
by users 

But still I can not authenticate.

4

Re: LDAP addressbook per user

Please describe what you want/expected, instead of something 'not work'.

5

Re: LDAP addressbook per user

I would like to add a possibility for each user to store personal address book which would be hosted in LDAP. I intend to be authenticated with the same credentials as used for authenticating to the mailbox.

Clients which will be used are:
Kmail
Apple Mail
Roundcube

6

Re: LDAP addressbook per user

Mail clients only query addresses from LDAP, the problems are
- Who can add/delete/modify user's address book?
- How to manage it?

Of course you need to modify OpenLDAP ACL which shipped in iRedMail, but that's not the point now.

I know roundcube can add/delete/manage it, but i didn't tested yet.

7 (edited by jackied 2010-02-18 19:58:20)

Re: LDAP addressbook per user

to add/delete/modify right should be granted per user so it would be like

access to dn.regex="ou=Adressbooks,ou=username_AddressBook,dc=domain,dc=tld"
by anonymous none
by self write
by dn.regex="mail=hardcode.username@domain.tld,ou=Users,domainName=tld,o=domains,dc=domain,dc=tld" write

For managing, it's not a problem to script it, to add the the addressbook for all existing users, and delete addressbook under user deletion process.

I know that those clients support it, the problem is that once I create even hard coded definition like mentioned above, somehow I can not authenticate, it doesn't let me.