Koozali.org: home of the SME Server
Obsolete Releases => SME Server 7.x => Topic started by: Agent86 on January 01, 2007, 06:03:02 AM
-
Hi all
Is there a (How to) on setting up thunderbird client for use with SME LDAP to lookup addresses ?
And can I look up my addresses from my address book or is this only for the SME global LDAP addresses?
Please advise
-
Hi all
Is there a (How to) on setting up thunderbird client for use with SME LDAP to lookup addresses ?
This is documented in the manual.
And can I look up my addresses from my address book or is this only for the SME global LDAP addresses?
Please advise
The LDAP directory is effectively read-only at this stage. It is possible to add additional information to LDAP, but it is currently not supported. Thunderbird will allow you to search multiple address books.
-
Hi all
Is there a (How to) on setting up thunderbird client for use with SME LDAP to lookup addresses ?
And can I look up my addresses from my address book or is this only for the SME global LDAP addresses?
Please advise
I asked the same question sometime ago..
http://forums.contribs.org/index.php?topic=31835.0
-
Thanks,
I have read those posts and search the forums quit extensively,and also read the manual chapter 7.6 regarding LDAP. however I seem to be missing something.
I can't figure out how to import contacts to the LDAP addressbook.
I import to my (user) SME addressbook then try to import the (user) addressbook to the (LDAP) addressbook while logged into webmail as (user). The import to my (user) address book appears to work proper, but NOT the importing to the (LDAP) addressbook.
Will the LDAP lookups from the client computer(thunderbird) look in my (user) addressbook ? or only the (LDAP) addressbook ?
Thanks for the help all,
-
I can't figure out how to import contacts to the LDAP addressbook.
As it is at the moment, you can't.
-
Thanks for the info
I hope there will be a option for this perhaps in the futuree
-
of course you can !!! However you need to install php script, or use some groupware like openxchange, egroupware, vtiger... and syncml synchronisation with your client software !!
-
of course you can !!! However you need to install php script, or use some groupware like openxchange, egroupware, vtiger... and syncml synchronisation with your client software !!
Where is your how to ?
-
????? for what, be more precise, I quoted different groupware... and there is many contrib that install it very well, just use search buttom!!
However, if you've got precise questions, ask!! :?
-
????? for what, be more precise, I quoted different groupware... and there is many contrib that install it very well, just use search buttom!!
However, if you've got precise questions, ask!! :?
Please be polite... users here try to help each other. If you would have looked a bit further you would have known that william_syd has helped out many users and has a long track record here.
of course you can !!! However you need to install php script, or use some groupware like openxchange, egroupware, vtiger... and syncml synchronisation with your client software !!
I can understand william_syd's reaction perfectly well if you state in such strong words that it can be achieved. If you are so sure we would like you to share your knowledge in a HowTo so that other users can benefit from your knowledge as well. Stating that it can be done is not enough unfortunately for other users to successfully finish there installation.
AFAIK it is not possible to store contacts in a user LDAP address book for use with a mailclient and webmail together.
-
ok,
first I wasn't so impolite (don't know if this word exist !!!! :lol: )
second, I guess that he is able to say if I was rude and to say it! My wish was only to help, if don't want....
:arrow:
second, I can't do a howto for every groupware that exist... can I ????
Ok you want an example, you install egroupware with ldap authentification, you install syncml, sync4j or funambol and outlook/thunderbird...
You can ask the ldap directory with mail client, and the funambol connector sync the new data with the client !!!!
was it unpossible ????
With opengroupware also, and with openxchange too...
the connector are toltec connector, openconnector, cunnector, syncml (funambol, sync4j...), oxtender...
AFAIK it is not possible to store contacts in a user LDAP address book for use with a mailclient and webmail together.
so it is possible !!!!
And if you've got the mail client evolution, Kcontact... under linux, it is a better implementation of the opensource connector and syncml protocol !!!
Enjoy!!!
-
uh ok I guess
I'm not using groupware etc. I simply was wondering about a write access to the ldap, but I thought that it could only be written when logged in as root in the server-manager from what little I know of it.
Does the egroupware or other give root access to my directory ?
If so I'm not sure I like that much.
I would prefer that the personal or shared addressbooks in Horde would allow to also create additional or shared LDAP's. Seems like that would be simpler, but I don't know? But not with new egroupware and openware or whatever is sounds like I will now have another app to use.
I like my webmail interface thus far and the new RPM's that are available with the edit command to make shared addressbooks etc.
I wish the shared or personal addressbooks could have a feature to use the LDAP or share to LDAP directory or create a new LDAP and add personal or shared addressbooks.
That still does not really solve my real desire to be able to have the email client the ability to write to the LDAP as with adding email recipients to the LDAP or peronal address book on Horde instead of on my email client.
But that may even be better for me.
Anyhow thanks for the help on this I think I'll just use webmail addressbooks as is with the new RPM installs for now.
Thanks
-
uh ok I guess
I'm not using groupware etc. I simply was wondering about a write access to the ldap, but I thought that it could only be written when logged in as rootin the server-manager from what little I know of it.
1/Does the egroupware or other give root access to my directory ?
If so I'm not sure I like that much.
I would prefer that the personal or shared addressbooks in Horde would allow to also create additional or shared LDAP's. 2/Seems like that would be simpler, but I don't know? But not with new egroupware and openware or whatever is sounds like I will now have another app to use.
I like my webmail interface thus far and the new RPM's that are available with the edit command to make shared addressbooks etc.
I wish the shared or personal addressbooks could have a feature to use the LDAP or share to LDAP directory or create a new LDAP and add personal or shared addressbooks.
That still does not really solve my real desire to be able to have the email client the ability to write to the LDAP as with adding email recipients to the LDAP or peronal address book on Horde instead of on my email client.
But that may even be better for me.
Anyhow thanks for the help on this I think I'll just use webmail addressbooks as is with the new RPM installs for now.
Thanks
hello,
1/ In fact, if I take for example egroupware (there is many other...), you have to setup two ldap access!!! The first is for administrativ access (client that access to the interface (webmail, task, contact, planning, forum... wih acl). This first section is a different shema in the ldap. The second, you have to setup in the contact module! So you can configure with different user access if you don't want contacts to be same access than interface. However, egroupware has got acl for access control.
2/ You can do it in a different way, only use additionnal app like EGW, for creating ldap new entry (there is also email webmail), then when you personnal want to create new entries, 2 solutions (they use webmail on the groupware, or they add it in thunderbird, then it will sync their client with the syncml protocol of the server (EGW) or funambol connector...)
If you want to use horde only, I guess there is horde ldap module to add, but never try!!!! and this:
8.2.3.1.1 Avec OpenLDAP
To use ldap and horde edit horde/config/horde.conf and change these lines :
$conf['auth']['driver'] = 'ldap';
$conf['prefs']['driver'] = 'ldap';
$conf['prefs']['params']['hostspec'] = 'localhost';
$conf['prefs']['params']['port'] = '389';
$conf['prefs']['params']['basedn'] = 'dc=exemple,dc=net';
$conf['prefs']['params']['uid'] = 'mail';
then copy the schema scripts/ldap/horde.schema in /etc/openldap/schemas/ and add this line to /etc/openldap/slapd.onf :
include /etc/openldap/schema/horde.schema
Add the classe hordePerson to each user then fill the email variable.
to to help !!
-
after what, you can also create a little script and had it to horde interface:
[b]script:[/b]
#function that fill the ldif file with horde form
# -------
#
# then add it in ldap
$ ldapadd -v -x -h 192.168.0.1 -D "cn=root, dc=laboite, dc=com" -W -f infsoldap.ldif
[b]ldif file structrure:[/b]
dn: cn=jllc, ou=interne, dc=laboite, dc=com
objectclass: person
surname: Jllc
givenname: Jllc
mail: jllc@la boite.com
cn: Jl Lc
but more complicate
-
I don't think I'll tackle that now, It's getting too complicated for me and I don't want to break my install. Also worried about SME updates / upgrades
Thanks
-
Any progress on this front?
Can external addresses be added to the LDAP?
-
No, not without external programs like egroup etc.
But with the new RPM's of Horde and addon modules you can share your addressbook with other users and create a group of address books that are shared
This is really pretty cool check out the posts on this:
http://forums.contribs.org/index.php?topic=34191.0
Hope this helps
-
Hi
If anyone's interested (and as I read it, most haven't tried...)
You CAN simply use the LDAP as a global Adressbook for almost any LDAP Client.
And: You don't have to use Server-Manager to add users there.
I use PHPLdapAdmin to add / modify E-Mail Addresses and such.
Works well enough.
What isn't easy is getting all users to be able to add or modify the LDAP.
There is a contrib available which works on 7.1.2.
Regards
Andy Wismer
-
Hello Andi,
could you please write a little howto about setting up phpldapadmin? (config.php)
I am not able to modify any content:
LDAP_STRONG_AUTH_REQUIRED
Thanks in advance.
-
Hi
I user the Contrib available from here:
http://www.smesmith.de/download/sme7/contribs/test/smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
or, in case you can't grab it from there, here's a copy on my server:
http://www.anwi.net/downloads/smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
That should "just" work.
You need to use https://your.server.name/phpldapadmin/
Without the slash at the end, my server won't say it exists...
YMMV
Andy Wismer
-
Hi Andy,
I've got that up and running. But I still can't add or edit existing users.
Did you setup a new LDAP adressbook?
What are your settings in config.php?
-
Hallo Johannes
Sorry, you're right. The latest Version has a Login-Bug. The right screen displays, but the left navigation doesn't.
Use this Version, but remove the "newer" one first (rpm -e...)
http://www.anwi.net/downloads/smeserver-phpldapadmin-0.9.6c-0.noarch.rpm
This one works one 7.1.2...
I needed NO modifications, just install the RPM and login with https...
Grüsse nach Baden, zum grossen Kanton ;-)
Andy
-
Hi
Your RPM works. Thanks by take your time building it.
I have one old love to LDAP and just would like SME has full use of LDAP.
But
Groups created on SME interface do not show as groups on phpLDAPAdmin/LDAP server: they´re normal user-like entries.
If you put anything inside a OU created on phpLDAPadmin, do not show in SME addressbook.
I hope SMe became FULL LDAP ASAP.
Thanks
Jáder
-
Hi
I didn't build that RPM, but the guy who did had changed his site or whatever, I couldn't find the original working site. So rather than lose a valuable RPM / Tool for SME which I can confirm working on latest SMEs, I thought I'd make them available again.
The creator's Info and URL is visible in the RPM info part...
I'll take credit when it's due, but not foreign feathers ;-)
I'm impatient for SME to go full LDAP, enabling real "backup" servers, single sign on and site replication.
Nevertherless I find SME is one of the best GPL Distis "Out Of the Box". Sure, some things are easier on a stock Red-Hat / Centos, SuSE or Debian. You don't have to deal with the templating system. But come on, usually SME just works! Cheers to the SME Team.
Andy Wismer
-
Hi all
Is there some way to use my user address book as a LDAP or second LDAP
I don't need to have a bunch of users access it just me.
Instead of the client accessing the main LDAP is there no way to make the individual address book an LDAP or create a separate LDAP ?
In a way that would allow the client email or addressbook to enter www.domain.com/user for the LDAP or something like that to search the user LDAP for contacts etc.
Would be nice feature ???
Thanks
-
Hi
If you make an export of your adress book, and reimport it into LDAP it should work.
With the PHPLdapAdmin contrib you can get from here
http://www.anwi.net/downloads/smeserver-phpldapadmin-0.9.6c-0.noarch.rpm
you can import your user adress book into LDAP.
YMMV
Andy Wismer
-
I'm curious
What about LDAP or other options for my user addressbook ?
I really don't need other users with full access to LDAP, but would like my client to be able to access the user address book similar to LDAP but using my personal addressbook ??
Can this be done on the client level to simply access my user addressbook on the SME box somehow, ???
Or is this the only option mentioned here regarding (PHPLdapAdmin) ??
Basically it would be nice to just turn my user addressbook into a LDAP so that my client could access the contact list.
Please advise
Thanks
-
Hi
Maybe a misunderstanding here, but the LDAP on SME can be accessed using almost any LDAP capable client. This include Outlook Express, Outlook, Thunderbird, Mac Adressbook, etc.
It's just not possible to add addresses there using SME out of the box. The only way is by adding a user/group in Server-Manager. But just because you sometimes mail your competitor, it doesn't mean you want him to have an account on your server. ;-)
That's where PHPLDAPadmin comes in... Using it, you can easily import an existing adress-book / list or simply add a single contact.
YMMV
Andy Wismer
-
Hi
Maybe a misunderstanding here, but the LDAP on SME can be accessed using almost any LDAP capable client. This include Outlook Express, Outlook, Thunderbird, Mac Adressbook, etc.
It's just not possible to add addresses there using SME out of the box. The only way is by adding a user/group in Server-Manager. But just because you sometimes mail your competitor, it doesn't mean you want him to have an account on your server. ;-)
That's where PHPLDAPadmin comes in... Using it, you can easily import an existing adress-book / list or simply add a single contact.
YMMV
Andy Wismer
Thanks for the reply
Yes there is a misunderstanding here.
Perhaps this last question has sort of transformed from my initial question since I've learned that I cannot edit the LDAP as it stands with SME unless I make changes or add contribs etc.
I am aware that I can access the LDAP with the client email/address book
So to clarify the question,what about the user address books in SME, can I access those with an email client ???
Or do I only have access to the LDAP,
I'm assuming the LDAP is separate from the user addressbooks and that they do not put entries into the main LDAP ???
So anyhow is there some way to access my user addressbook on SME with a email client machine ??
Please advise
and thanks again for the response
-
One more separate question regarding PHPLDAPadmin.
Where can I find info on this and the features?
Do you actually create new LDAP's with PHPLDAPadmin that are accessible(read) by the client computers ?
And in the Horde webmail section how is horde effected ?
Is there buttons added to horde etc. to add addresses and creating new LDAP's etc.?
Thanks
-
Hi
PHPLDAPadmin:
I suppose you CAN create new LDAPs, I've never tried that.
What you CAN do is: create new entries in the existing LDAP.
These entries are "seen" by the Horde Address app and by any E-Mail app which has it's Addressbook pointed to the SME. Outlook Express, Thunderbird, Outlook, Mac Mail and others can easily use the SME LDAP as an addressbook (addition...).
I just add/modify E-Mail addresses, and add in "address" type entries, not normal users. For "normal" users, use the server-manager.
PHPLDAPadmin has it's own type of templates, it isn't too difficult to modify them, to make address-making faster...
PHPLDAPadmin can also be used for scheme-extensions. A lot of applications like NetOP remote-control, FileMaker, PCAnywhere, Timbuktu can also use LDAP entries to make the application show up faster on other instances of that application.
Full Docu is available on the PHPLDAPadmin Home Page (Sourceforge...)
YMMV
Andy Wismer
-
Thanks that helps.
And one more thing ?
So if I understand this, basically the PHPldapadmin allows you to put in new addresses into the main LDAP, but these new addresses will not show up via SME server-manager but they will actually be there, but not visible to the SME-server-manager ??
And how do you go about restricting users from accessing the LDAP, I guess there is not way to do this ?
Thanks for all the help this clears things up good,
Please confirm all this ?
Thanks
-
Hi
@Agent86: Your accessment of LDAP/Server-Manager is correct:
LDAP / Server-Manager
================
The Server-Manager is used to manage (most) aspects of SME server. In this sense, the Server-Manager can create/modify/delete accounts on the server.
Accounts created on the server get a automatically created account in MySQL for any settings in Horde.
Any account also gets an entry in the LDAP system, which is used for Address-Book functions in Horde only. SME doesn't use LDAP for anything else, AFAIK.
This means that the entries in LDAP do not show up in Server-Manager, only the corresponding entries in the local files which are created/modified at the same time as SME creates the LDAP entries. This is a technicality, really...
But: SME does provide you with the LDAP infrastructure.
Your added addresses and such will show up in any mail client pointing to the right OU (Check the server-manager page for the right OU...), but they will not show up in Server-Manager because:
- The Server-Manager doesn't query LDAP for display (It's write-only...)
- The Server-Manager isn't built to manage addresses, but accounts.
LDAP Rights
========
LDAP permissions can be really fine-granulated. If needed, you could even set attributes on almost any part of the info.
Say allowing an authenticated user to view the whole name and e-mail only, but not the telefon number, not even first and last names...
LDAP also allows you to set permissions based on IP, Domain-Names, Users, Groups - almost anything needed ;-). But there's several books worth of information on permissions and rights in a LDAP system. Basically most info on M$ Active-Directory and/or Novells eDirectory (NDS) are also valid, at least as far as permissions and rights are concerned, because all mentioned products are based on LDAP V3.
YMMV
Andy Wismer
-
Thanks for the clarifications
So I will be able to do what I want with the PHPLDAPadmin if I can get it working properly.
What about the importing and exporting of the addressbooks ?
To the LDAP ? I'm guessing I'll need PHPLDAPadmin to do that ?
Can my email client view all the addressbook fields via the LDAP?
And how? I'm guessing I'll need PHPLDAPadmin to do that ?
Thanks again for the great help this.
-
Importing and Exporting of Addressbooks:
You'll need to use your Addressbook to Export (CSV, TXT or LDIF)
and PHPLDAPadmin to Import that data into LDAP. You could use command-line LDAP tools instead of PHPLDAPadmin to import, but that's more than hard-core. ;-)
Setting your E-Mail Client to use LDAP is actually well documented - in the SME Doku. Basically you just need to point your addressbook (Outlook Express, Outlook, Thunderbird, etc...) to the LDAP Server (Name or IP) and the exact "OU" your SME Server is using. You don't need PHPLDAPadmin for this.
An "OU" is like a folder in LDAP, it's basically a "container" for stuff.
YMMV
Andy Wismer
-
Hi
I can't remove smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
rpm -e smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
error: package smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm is not installed
rpm -Uvh smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
Preparing... ########################################### [100%]
package smeserver-phpldapadmin-0.9.7.2-0 is already installed
Run SME 7.1.3
Please help.
-
Hi
I can't remove smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
rpm -e smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
error: package smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm is not installed
Hi
try
rpm -e smeserver-phpldapadmin
HTH
Ciao
Stefano
-
Hi
I can't remove smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
rpm -e smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm
error: package smeserver-phpldapadmin-0.9.7.2-0.noarch.rpm is not installed
Hi
try
rpm -e smeserver-phpldapadmin
HTH
Ciao
Stefano
Work fine!!!!!!!!!!!!!
Merci!!!!
:!: :!: :!:
-
I'm not sure if phpadmin will do this, but I was curious that is there a way that when adding new users to the SME box that each user could have their own LDAP ? And that LDAP would only be editable by the user within horde etc.
I'm not really concerned about sharing the user addressbook, or the user LDAP, but something that would also be nice is:
When adding RPM's contribs, that are available and making the proper edits for sharing addressbooks perhaps there could also be and edit to share those addressbooks which are now also LDAP's for each user if someone wanted to share their address book.
Basically each user could access their own private address book which would now be a user LDAP and not the main LDAP.
Any suggestions on these 2 subjects ?
Thanks
-
I can't figure out how to import contacts to the LDAP addressbook.
From an earlier post: "It's read-only at the moment." You can read the LDAP address book, but you can't write to it.
PHPLDAPadmin - wow. Nice tool. Been looking for something like that for a long time.
-- JJ
-
I can't figure out how to import contacts to the LDAP addressbook.
From an earlier post: "It's read-only at the moment." You can read the LDAP address book, but you can't write to it.
PHPLDAPadmin - wow. Nice tool. Been looking for something like that for a long time.
-- JJ
If you modify the configuration file of the phpLDAPAdmin and supply the encrypted, randomly generated LDAP password to it you could make it writeable. Although the risk of changes not being properly propagated to other services and SME Server configuration files is pretty big. A better way is trying to help out implementing LDAP in the core of SME Server. There is a bug for that in the bugtracker if I remember correctlty
-
Importing and Exporting of Addressbooks:
You'll need to use your Addressbook to Export (CSV, TXT or LDIF)
and PHPLDAPadmin to Import that data into LDAP. You could use command-line LDAP tools instead of PHPLDAPadmin to import, but that's more than hard-core. ;-)
Setting your E-Mail Client to use LDAP is actually well documented - in the SME Doku. Basically you just need to point your addressbook (Outlook Express, Outlook, Thunderbird, etc...) to the LDAP Server (Name or IP) and the exact "OU" your SME Server is using. You don't need PHPLDAPadmin for this.
An "OU" is like a folder in LDAP, it's basically a "container" for stuff.
YMMV
Andy Wismer
Can I point the client to a user addressbook on SME ? or only the main LDAP ???
Thats basically what I want is to point the client to the user addressbook ???
Please advise and thanks again for the help.