[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Shared Addressbook using LDAP
- To: openldap-technical@openldap.org
- Subject: Re: Shared Addressbook using LDAP
- From: "Dieter Kluenter" <dieter@dkluenter.de>
- Date: Wed, 01 Oct 2008 09:49:53 +0200
- In-reply-to: <141831.72179.qm@web94007.mail.in2.yahoo.com> (Tarak Ranjan's message of "Tue, 30 Sep 2008 07:54:42 +0100 (BST)")
- References: <141831.72179.qm@web94007.mail.in2.yahoo.com>
- User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)
Tarak Ranjan <contacttrm@yahoo.co.in> writes:
> Hi List,
> I am configuring a shared addressbook for
> squirrelmail.
> but the problem is it's showing the only single email
> address of the user, using that email id i'm login
> into the webmail.
>
> here is my slapd.conf.
>
> include /etc/openldap/schema/core.schema
> include /etc/openldap/schema/cosine.schema
> include
> /etc/openldap/schema/inetorgperson.schema
> allow bind_v2
> pidfile /var/run/openldap/slapd.pid
> argsfile /var/run/openldap/slapd.args
> loglevel 256
> access to *
> by self write
> by anonymous auth
> by users read
> access to
> dn.children="ou=addressbook,dc=mail,dc=example,dc=com"
> by self write
> by anonymous read
> by users read
[...]
I presume that the access rules for dn.children=ou=addressbook.. are
not taken by cut and paste from your slapd.conf file, otherwise this
rules are not honored, as the rules have to be written in a folded line.
With regard to your question, change the rule
dn.children=ou=addressbook... to dn.subtree=ou=addressbook..
If you want to protect the base entry ou=addressbook, define something
like
access to
dn.base=ou=addressbook... attrs=entry,children by ...
access to dn.children=ou=addressbook... by...
-Dieter
--
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6