[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Entering/updating address book data



Hi José
if you want to enable ldap "users" to change their ldap entry data you should provide an ACL saying " by self write".


LDAP client: after having used ldapbrowser, i wrote my own "web-ldap" client. If users will have to add new attributes to an entry, they will go into Edit and then AllAttributes. You can use it from http://ldap.ayni.com, or download it from http://www.ayni.com/archive/. If you want to make it a user tool, just put all access into config.txt parameters and let the users handle it.

José Carlos Stevenson wrote:

Dear fellows,

I've been using LDAP and pam_ldap for authentication purposes for a while, now I'm trying to use it to make a "public" (intranet) address book.
I've found a lot of info in how to configure outlook, mozilla and other mail clients to use the directory as and address book. I've also found an outlook-ldap fields mapping, extension schemas, etc...
I've created a new entry "ou=addressbook,dc=mydomain,dc=com" (for now) and added some data there using ldif and ldapbrowser (a good java-based utility). I've gave permission to a specific user to write in that location:
access to dn="ou=addressbook,dc=mydomain,dc=com"
by dn="uid=specificuser,ou=People,dc=mydomain,dc=com" write
by * read


The "specificuser" is using ldapbrowser to add/update/delete entries in addressbook - although it's a good utility is not as "user-friendly" as some users would like (for the end-user): to add a FAX number the user need to "add attribute", type "facsimileTelephoneNumber" (case-sensitive) and than type the number.
I've tried to use mozilla address book and outlook express address book (binding as "uid=specificuser,ou=People,dc=mydomain,dc=com" and using his password) but the access to OpenLDAP is still "read-only".


   1. Does anyone know a mail-client or at least an end-user tool to
      manage the addressbook data? Or a way to sync Mizilla and/or
      Outlook addressbook to OpenLDAP?
   2. Besides the "public" (intranet) addressbook, I'd like to allow
      users to have their private addressbook in the directory - I'm
      thinking in using something like:
      "ou=addressbook,uid=someuser,ou=People,dc=mydomain,dc=com" - the
      users could configure 2 directories in their mail client app: 1
      private and 1 public. Is this a good design? Is there a way to
      automate the email clients configuration task?

Thanks in advance,
José Carlos Stevenson.