[Phpgroupware-users] LDAP setup: some question
From: Marco Gaiarin
Subject: [Phpgroupware-users] LDAP setup: some question
Date: Mon, 18 Nov 2002 17:25:27 +0100
User-agent: Mutt/1.3.28i

I'm new to PHPGW and LDAP, so excuse me if I ask some stupid questions.

I'm starting to configure an LDAP server, essentially to use it as an
addressbook repository. For now that suffices; accounts live on an NT 4.0
server. ;(

I'm using Debian GNU/Linux woody, with the experimental package of phpgw, and
ldap server 2.0.

[as a note, I'm using the db for storing accounts, autocreated, with
authentication via an IMAP server]

I've started setting up LDAP, using the Debian semiautomatic setup as a
base.

So, my /etc/ldap/slapd.conf is:
-------------------------------------------------------------------
# Schema and objectClass definitions
include         /etc/ldap/schema/core.schema
include         /etc/ldap/schema/cosine.schema
include         /etc/ldap/schema/nis.schema
include         /etc/ldap/schema/inetorgperson.schema
# added for phpgw.
include         /etc/ldap/schema/phpgwaccount.schema
include         /etc/ldap/schema/phpgwcontact.schema

# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck     on

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile         /var/run/slapd.pid

# List of arguments that were passed to the server
argsfile        /var/run/slapd.args

# Where to store the replica logs
replogfile      /var/lib/ldap/replog

# Read slapd.conf(5) for possible values
loglevel        0

#######################################################################
# ldbm database definitions
#######################################################################

# The backend type, ldbm, is the default standard
database        ldbm

# The base of your directory
suffix          "dc=sv,dc=lnf,dc=it"
rootdn          "cn=admin,dc=sv,dc=lnf,dc=it"

# Where the database file are physically stored
directory       "/var/lib/ldap"

# Indexing options
index objectClass eq

# Save the time that the entry gets modified
lastmod on

# The userPassword by default can be changed
# by the entry owning it if they are authenticated.
# Others should not be able to see it, except the
# admin entry below
access to attribute=userPassword
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by anonymous auth
        by self write
        by * none

# The admin dn has full write access
access to *
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by * read

# For Netscape Roaming support, each user gets a roaming
# profile for which they have write access to
access to dn=".*,ou=Roaming,o=morsnet"
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by dnattr=owner write
-------------------------------------------------------------------
and I've set up an initial LDIF file as:
-------------------------------------------------------------------
dn: dc=sv,dc=lnf,dc=it
objectClass: dcObject
objectClass: organization
o: Associazione La Nostra Famiglia San Vito al Tagliamento
dc: sv

dn: cn=admin,dc=sv,dc=lnf,dc=it
objectClass: organizationalRole
objectClass: simpleSecurityObject
cn: admin
description: LDAP administrator LNF San Vito
userPassword:: SECRET;)

dn: ou=People,dc=sv,dc=lnf,dc=it
objectClass: organizationalUnit
ou: People

dn: ou=Group,dc=sv,dc=lnf,dc=it
objectClass: organizationalUnit
ou: Group

dn: ou=Roaming,dc=sv,dc=lnf,dc=it
objectClass: organizationalUnit
ou: Roaming

dn: ou=Contacts,dc=sv,dc=lnf,dc=it
objectClass: organizationalUnit
description: Rubrica Indirizzi
ou: Contacts
-------------------------------------------------------------------
Clearly, for now I'm using only ou=Contacts,dc=sv,dc=lnf,dc=it to store the
addressbook.

I have a bunch of questions. If someone could point me to some good
source of documentation... ;)

1) I suspect that objectClass: organizationalUnit is not correct for
Contacts; what class do I have to use?!

2) OK, I've set up phpgroupware to use LDAP for the addressbook, but what if
users want to use another client (netscape, eudora) to retrieve
contacts?! How can I set up access permissions for the LDAP data,
considering that I have no users in LDAP because I use the DB?!
Rephrasing: does accessing LDAP data from another client simply bypass all the
policy imposed by PHPGW on addresses?!

3) I can insert some addresses into the addressbook, and ldapsearch lists them,
but I cannot view/modify:

Fatal error: Unsupported operand types in
/usr/share/phpgroupware/addressbook/inc/class.uiaddressbook.inc.php on
line 821

but I think it was 1. ;)

Thanks.

--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.sv.lnf.it/
Polo FVG - Via della Bontà, 7 - 33078 - San Vito al Tagliamento (PN)
gaio(at)sv.lnf.it tel +39-0434-842711 fax +39-0434-842797
Let's defend Law 185/90 from the assault of the arms lobby.
Let's block bill no. 1927 right now.
http://web.vita.it/185/
http://www.retelilliput.org/petizioni/
http://www.banchearmate.it/
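
Question 2 in the post comes down to what slapd itself serves to a client that connects directly, independent of phpGroupWare. The following is an added example, not part of the original post nor code from phpGroupWare or OpenLDAP: a small Python check that reads the access directives quoted in the post (embedded as a constructed sample) and applies slapd's first-matching-rule evaluation; the function names and finding labels are hypothetical.

```python
import re

# Constructed sample: suffix and access directives as quoted in the post.
SAMPLE = """\
suffix "dc=sv,dc=lnf,dc=it"
access to attribute=userPassword
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by anonymous auth
        by self write
        by * none
access to *
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by * read
access to dn=".*,ou=Roaming,o=morsnet"
        by dn="cn=admin,dc=sv,dc=lnf,dc=it" write
        by dnattr=owner write
"""

def parse(conf):
    """Return (suffix, rules); each rule is (what, [(who, level), ...])."""
    suffix, rules = None, []
    # A line starting with whitespace continues the previous directive.
    for line in re.sub(r"\n[ \t]+", " ", conf).splitlines():
        m = re.match(r'suffix\s+"([^"]+)"', line)
        if m:
            suffix = m.group(1).lower()
        m = re.match(r"access\s+to\s+(\S+)(.*)", line)
        if m:
            rules.append((m.group(1), re.findall(r"\bby\s+(\S+)\s+(\S+)", m.group(2))))
    return suffix, rules

def audit(conf):
    """Return (label, rule_index) findings, in rule order."""
    suffix, rules = parse(conf)
    findings, catch_all = [], None
    for i, (what, by) in enumerate(rules):
        # slapd stops at the first matching <what>; rules after "access to *" never apply.
        if catch_all is not None:
            findings.append(("shadowed", i))
        # "*" also covers clients that never bind, such as a mail client's lookup.
        if any(w in ("*", "anonymous") and lvl in ("read", "write") for w, lvl in by):
            findings.append(("anon-read", i))
        m = re.match(r'dn="(.*)"', what)
        if m and suffix and not m.group(1).lower().endswith(suffix):
            findings.append(("outside-suffix", i))
        if what == "*" and catch_all is None:
            catch_all = i
    return findings
```

On the sample, `audit(SAMPLE)` reports rule 1 (`access to *`) as readable without a bind, and rule 2 (the Roaming rule) as both unreachable and pointing outside the configured suffix.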