Adding additional LDAP directories?

[bchapman]

Everyone:

I've been unable to successfully add another LDAP directory to the list of searchable directories in SWA. I've read the installation guide but am apparently missing something. Here's what I have tried so far:

1. Edit partner.xml to add a new <LdapSource>...</LdapSource> stanza within <LdapSources></LdapSources>. Configure the hostname, etc. settings. Set <type> to "personal".

2. Try the same, but set the type to "system"

3. Same, but set type to some arbitrary string and add string to "dirSearchOrder" at top of file.

4. I have also tried inserting the <server>...</server> lines within the <ldapsource> area below server type, again with no success.

If someone could point me in the right direction, I would appreciate it!

Thanks,

Ben

[florian]

Sounds reasonable. I assume you've restarted Tomcat after every try? from the "type" perspective, this must be a new string, the tag "type" is a bit of a misnamer, it is actually rather a tag for your directory.

Could you please post your whole <LdapSources> element, with the particular source you want to add? If you feel concerned about privacy, you can also send it to <myfirstname>@scalix.com (real first name removed to fool the bots... ;-)

Cheers,
Florian

[bchapman]

Florian:

Thanks for the tip -- It's working now, with your hints. So that others can see (and also in case I'm not doing something right) here is the ldapsources section:

Code: Select all


    <ldapSources>
        <ldapSource>
         <type>emorylaw</type>
            <server>ldap.law.emory.edu</server>
            <port>389</port>
            <basedn>ou=people,o=law</basedn>
         <displayname resourceID="addressbooksearch_title_system">Emory Law Directory</displayname>
            <authtype>none</authtype>
            <filter>(|(&amp;(cn=%s*)(mail=*))(&amp;(sn=%s*)(mail=*))(&amp;(givenName=%s*)(mail=*)))</filter>
            <address_search>
            <limit>100</limit>
            <attribute_map>
               <entry header="true">
                  <name resourceID="addressbooksearch_label_name">Name</name>
                  <dir_attribute>fullName</dir_attribute>
               </entry>
               <entry header="true" type="email">
                  <name resourceID="addressbooksearch_label_email">Email Address</name>
                  <dir_attribute>mail</dir_attribute>
               </entry>
               <entry header="true">
                  <name resourceID="addressbooksearch_label_phone">Phone</name>
                  <dir_attribute>telephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Fax Phone</name>
                  <dir_attribute>facsimileTelephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Mobile Phone</name>
                  <dir_attribute>mobileTelephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Pager Phone</name>
                  <dir_attribute>pagerTelephoneNumber</dir_attribute>
               </entry>
            </attribute_map>
         </address_search>
        </ldapSource>
        <ldapSource>
         <type>system</type>
            <server>els43.law.emory.edu</server>
            <port>389</port>
            <basedn>o=scalix</basedn>
         <displayname resourceID="addressbooksearch_title_system">System Directory</displayname>
            <authtype>none</authtype>
            <filter>(|(&amp;(cn=%s*)(mail=*))(&amp;(sn=%s*)(mail=*))(&amp;(gn=%s*)(mail=*))(mail=%s*)(&amp;(omalias=%s*)(mail=*)))</filter>
            <address_search>
            <limit>100</limit>
            <attribute_map>
               <entry header="true">
                  <name resourceID="addressbooksearch_label_name">Name</name>
                  <dir_attribute>omcn</dir_attribute>
               </entry>
               <entry header="true" type="email">
                  <name resourceID="addressbooksearch_label_email">Email Address</name>
                  <dir_attribute>rfc822Mailbox</dir_attribute>
               </entry>
               <entry header="true">
                  <name resourceID="addressbooksearch_label_phone">Phone</name>
                  <dir_attribute>telephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Fax Phone</name>
                  <dir_attribute>facsimileTelephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Mobile Phone</name>
                  <dir_attribute>mobileTelephoneNumber</dir_attribute>
               </entry>
               <entry>
                  <name>Pager Phone</name>
                  <dir_attribute>pagerTelephoneNumber</dir_attribute>
               </entry>
            </attribute_map>
         </address_search>
        </ldapSource>
        <ldapSource>
         <type>personal</type>
            <server>els43.law.emory.edu</server>
            <port>389</port>
            <basedn>o=MyContacts</basedn>
         <displayname resourceID="addressbooksearch_title_personal">Personal Contacts</displayname>
            <authtype>simple</authtype>
            <filter>(|(&amp;(cn=%s*)(|(mail=*)(304=4)))(&amp;(sn=%s*)(mail=*))(&amp;(gn=%s*)(mail=*))(mail=%s*)(&amp;(omalias=%s*)(mail=*)))</filter>
            <binddn>rfc822mailbox=%u</binddn>
        </ldapSource>
    </ldapSources>

The top one ("emorylaw") is our Novell eDirectory server. Note that this configuration still returns "System Directory" as the name in the web client. I'm not sure why this is. Perhaps I should have set it as a personal directory. Also, at the very top of the file, I think one needs to add the name to the list of directories to be searched:

Code: Select all

dirSearchOrder="system,personal,emorylaw"

I believe this affects whether the items are searched in the typedown to field, but I'm not sure.

Thanks again,

Ben

[florian]

Well,

I guess I can answer both...

1. the key to the directory title is the following line:

Code: Select all

         <displayname resourceID="addressbooksearch_title_system">Emory Law Directory</displayname>


Please remove the resourceID="addressbooksearch_title_system" attribute from the entry. This is intended for internationalization (we support German, too, JUST FOR ME... kidding!). This refers to resource information available in multiple languages and stored somewhere else. The actual value (here: Emory Law Directory) will only be used if no localized resource can be found, so as a default. As you left the original resource ID, it uses the properly localized resource.

We do not support adding customized resources at this time. Therefore, for your homemade directories, you'll need to stay with just one wording and language.


2. In fact, the dirSearchOrder specifies in which order directories are queried when the CheckNames function is being used (or a message with unqualified names in the address fields is sent!).

Just for the sake of learning for everybody, what was wrong with your first try when it didn't work?

--Florian.

[bchapman]

Florian:

Thank you! Fixed the directory name and now I understand the checknames ordering.

I think the reason that the first try did not work was that I did not remove the Scalix-specific query parameters... I trimmed down the ldap search to be simpler than the original one.

Is there any way to add an ldap result to the contact list in SWA? I didn't see any way to do this.

You should know that everyone to whom I've shown this product has been very impressed. It's really wonderful work. Now we're authenticating against the Novell edirectory also and that's really nice too.

Best regards,

Ben

[florian]

Ben,

as for the contacts - no - there is no real way; the contacts are stored as Contact objects (similar to vCards) inside the message store; the LDAP access to them is basically our LDAP engine acting as a front-end to this special folder; this is read-only and has been implemented to support search and addressing functionality from SWA and standards-based clients such as Mozilla Thunderbird.

We have a tool somewhere that you can use to load LDIF or CSV style data into your Contacts folder through a Web Interface; let me know if this would help in any way; I believe it is now part of the admin resource kit or so.

BTW, as you're already authenticating against eDirectory - you could actually manage your users through eDirectory as well. The tool you need for this is called omldapsync, it is included with the product, man omldapsync gives you the details. Don't be too worried that it only talks about Active Directory and OpenLDAP - you will need to setup some of the LDAP attribute mapping manually, but that should be possible.

Cheers,
Florian

[netpenthe]

Hi Florian

I was wondering if you could point me in the direction of the CSV import tool.

We're currently using Horde and I was hoping to write some scripts to import all users' Personal Addressbooks from Horde into Scalix.

(I'm presuming this CSV import tool can import Personal Contacts on a per user basis. i.e. I can import each person's own, individual addressbook)

Cheers

Jon

[florian]

Hi Jon,

sure

Code: Select all

<my_scalix_tar_file>/admin_resource_kit/import_contacts.tgz
<my_scalix_tar_file>/admin_resource_kit/import_contacts.readme


Hope this helps,
Florian