Custom populate omInternetAddr on omldapsync

[tpohl]

Hi! I've been evaluating scalix for use in our company (20 people right now but we're looking to explode in the coming year) and so far things have been going great!

My setup is as follows:
openldap running on a samba fileserver
scalix community edition running on a dedicated server (all users will be enterprise users and I look forward to paying for licences when we reach 25 seats!)

I use lam (ldap-account-manager) to manage my users on the samba fileserver and I've written a module (should be included in lam soon) for lam to populate the 5 fields (exScalixObject,exScalixMailnode,exScalixExtauth,exScalixAdmin,exScalixMboxadmin) that omldapsync uses to synchronize the 2 directories.

After a little bit of trial and error, I've got scalix sucessfully syncing AND authenticated (webmail) with my openldap server.

Now, there are just a couple little things that I need to make things exactly how I want it to work.
1. on omldapsync, it uses the mail record to populate omInternetAddr instead of using a combination of cn and mail which I would prefer.
2. Is there a way on omldapsync to populate omUlClass to enable the user as an enterprise user by default so I don't need to login to the scalix console?

Also, other than cron, manually, or through a remote script, is there an internal way to get scalix to run omldapsync?

Thanks!
-Tom

[ScalixSupport]

Tom,

On your first question, you request combining the cn and mail attributes to form the internet address for the Scalix user, through omldapsync. Typically this request arises because of a need to have a "friendly name" within the internet address on Scalix. With Scalix 10 you will have the ability to append the common name to the internet address on all outbound messages (exiting Scalix), thus the internet (or external) recipient will see the friendly name. The common name in Scalix is also the display name. This then negates the need to combine the fields as you requested.

There is no mapping within the OpenLDAP sync agreement that supports setting the omUlClass value. If you are using the Community Edition of Scalix, by default when a Mailbox is added using omaddu (which is used indirectly by omldapsync), the class will be set to limited. You will have to continue to manually change the class (through SAC or ommodu). Should you upgrade to Enterprise Edition, as you stated, new mailboxes added to Scalix will be added as "Full" class, thus your issue is solved.

Lastly - the methods of launching omldapsync that you listed are the known, proper ways to do so.

kb

[florian]

Tom,

adding to what Karl (or Kent - they share initials) said...

.... Scalix 10 will also allow you to run a customized script within a ldapsync mapping; therefore, you would be able to combine two attributes into one; i'd agree, though, that you will not need that anymore to archieve what you're trying.
... in addition, Scalix 10 will have more attributes that can be mapped, including the User Class, the Hide-user-from-addressbook-flag, the lock user flag and the quota attributes (mailbox limit and sanctions). In addition, it will have better error handling behaviour, etc.

Stay tuned.
Florian.

[netpenthe]

Hi Florian

I'm trying to import a few users from OpenLDAP and was wondering if there is a list of attributes that can be mapped?

i.e. I would like all imported users to have 'omUlClass' of "Full"

is there anyway to do this yet?

Cheers

Jon

[florian]

Hi Jon,

this is indeed possible - the list of mappable attributes has been considerably extended for Scalix 10; however, we haven't yet updated the OpenLDAP sample files.

Please check our template 11 (for AD Integration) in /var/opt/scalix/sys/ldapsync13.cfg and the Admin Guide talking about AD Integration and the Schema-Extension for details, you should find what you're looking for.

You then need to
- extend your Schema
- add the new attribute to the "extract" list
- add a mapping for the new attribute
- run omldapsync once with the "-M" optoin to apply the additional attribute.

Hope this helps,
Florian.