Author Topic: LDAP Address Books - concept and implementation  (Read 1328 times)

peracchi
LDAP Address Books - concept and implementation
« on: April 19, 2022, 07:02:08 PM »
Hi everybody!

I'm on a "learning adventure" that encompasses a complete mail server using LDAP and accessed through Roundcube. All of these things are "dockerized"!

- mail server = ok
- openLDAP + phpLDAPadmin = ok
- Roundcube = ok

Maybe I don't get it, but I think Roundcube could use the "mail server's openLDAP" to store and access public and private contacts, separate from the "users/groups" LDAP tree branch.

I would like to get some help to better understand all of this and if possible, configure Roundcube to have this public/private address book/contacts that users can utilize through Roundcube.

So, contacts can be added and shared through Roundcube using this "separate branch" on my LDAP tree?

Below is my "structure" in LDIF file format:

Code:
# Organizational Units
dn: ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: example.com
objectclass: organizationalUnit
objectClass: top

dn: ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: users
objectclass: organizationalUnit
objectClass: top

dn: ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: groups
objectclass: organizationalUnit
objectClass: top

dn: ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: mail-groups
objectclass: organizationalUnit
objectClass: top

dn: ou=system-accounts,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: system-accounts
objectclass: organizationalUnit
objectClass: top



# System Accounts
dn: uid=smtp,ou=system-accounts,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: smtp
userPassword: 987654321
displayName: SMTP Sender
givenName: SMTP
sn: Sender
cn: SMTP Sender
mail: smtp@example.com
mailAlias: no-reply@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/smtp/
mailStorageDirectory: maildir:/var/mail/example.com/smtp/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=smtp.audit,ou=system-accounts,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: smtp.audit
userPassword: 987654321
displayName: SMTP Audit
givenName: SMTP
sn: Audit
cn: SMTP Audit
mail: smtp.audit@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/smtp.audit/
mailStorageDirectory: maildir:/var/mail/example.com/smtp.audit/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top



# User Accounts
dn: uid=alice,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: alice
userPassword: 123456
displayName: Alice
givenName: Alice
sn: Surname
cn: Alice
mail: alice@example.com
mailAlias: a@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/alice/
mailStorageDirectory: maildir:/var/mail/example.com/alice/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: bob
userPassword: 123456
displayName: Bob
givenName: Bob
sn: Surname
cn: Bob
mail: bob@example.com
mailAlias: b@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/bob/
mailStorageDirectory: maildir:/var/mail/example.com/bob/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: charlie
userPassword: 123456
displayName: Charlie
givenName: Charlie
sn: Surname
cn: Charlie
mail: charlie@example.com
mailAlias: c@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/charlie/
mailStorageDirectory: maildir:/var/mail/example.com/charlie/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: dave
userPassword: 123456
displayName: Dave
givenName: Dave
sn: Surname
cn: Dave
mail: dave@example.com
mailAlias: d@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/dave/
mailStorageDirectory: maildir:/var/mail/example.com/dave/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=erin,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: erin
userPassword: 123456
displayName: Erin
givenName: Erin
sn: Surname
cn: Erin
mail: erin@example.com
mailAlias: e@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/erin/
mailStorageDirectory: maildir:/var/mail/example.com/erin/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top

dn: uid=frank,ou=users,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
uid: frank
userPassword: 123456
displayName: Frank
givenName: Frank
sn: Surname
cn: Frank
mail: frank@example.com
mailAlias: f@example.com
mailEnabled: TRUE
mailUidNumber: 5000
mailGidNumber: 5000
mailHomeDirectory: /var/mail/example.com/frank/
mailStorageDirectory: maildir:/var/mail/example.com/frank/
objectClass: PostfixBookMailAccount
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top



# Groups
dn: cn=everybody,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: everybody
member: uid=alice,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=erin,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=frank,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: All employees of Example.com
objectclass: groupOfNames
objectClass: top

dn: cn=it,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: IT
member: uid=alice,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Information Technology members
objectclass: groupOfNames
objectClass: top

dn: cn=accounting,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Accounting
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=erin,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Accounting members
objectclass: groupOfNames
objectClass: top

dn: cn=staff,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Staff
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Staff members
objectclass: groupOfNames
objectClass: top

dn: cn=financial,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Financial
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Financial members
objectclass: groupOfNames
objectClass: top

dn: cn=taxes,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Taxes
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=frank,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Taxes members
objectclass: groupOfNames
objectClass: top

dn: cn=processes,ou=groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Processes
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Processes members
objectclass: groupOfNames
objectClass: top



# Mail Groups
dn: cn=everybody,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: everybody
mail: everybody@example.com
mailAlias: all@example.com
mailEnabled: TRUE
member: uid=alice,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=bob,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=erin,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=frank,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: All employees of Example.com Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=information.technology,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
# the RDN value is listed explicitly; not every LDAP server adds it for you
cn: information.technology
cn: IT
mail: information.technology@example.com
mailAlias: it@example.com
mailEnabled: TRUE
member: uid=alice,ou=users,ou=example.com,dc=some,dc=domain,dc=com
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Information Technology Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=accounting,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Accounting
mail: accounting@example.com
mailEnabled: TRUE
member: uid=erin,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Accounting Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=staff,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Staff
mail: staff@example.com
mailAlias: hr@example.com
mailAlias: human.resources@example.com
mailEnabled: TRUE
member: uid=dave,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Staff Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=financial,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Financial
mail: financial@example.com
mailEnabled: TRUE
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Financial Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=taxes,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Taxes
mail: taxes@example.com
mailEnabled: TRUE
member: uid=frank,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Taxes Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top

dn: cn=processes,ou=mail-groups,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: Processes
mail: processes@example.com
mailEnabled: TRUE
member: uid=charlie,ou=users,ou=example.com,dc=some,dc=domain,dc=com
description: Example.com - Processes Mail Group
objectClass: PostfixBookMailAccount
objectclass: groupOfNames
objectClass: top


Intended modification to use with Roundcube:

Code:
# Organizational Units
dn: ou=rcabook,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: rcabook
objectclass: organizationalUnit
objectClass: top

dn: ou=public,ou=rcabook,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: public
objectclass: organizationalUnit
objectClass: top

dn: ou=private,ou=rcabook,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
ou: private
objectclass: organizationalUnit
objectClass: top



# System Accounts
dn: cn=rcuser,ou=system-accounts,ou=example.com,dc=some,dc=domain,dc=com
changetype: add
cn: rcuser
userPassword: 123456
objectClass: simpleSecurityObject
objectClass: organizationalRole
objectClass: top


I'm using:

https://github.com/docker-mailserver/docker-mailserver

https://github.com/osixia/docker-openldap

https://github.com/osixia/docker-phpLDAPadmin

and

https://github.com/roundcube/roundcubemail-docker/blob/master/examples/docker-compose-simple.yaml
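One way to wire the tree above into Roundcube, as an added example for config.inc.php (not the poster's file and not Roundcube's own defaults): a read-only company directory over ou=users, a shared book over ou=public bound as rcuser, and a private book over ou=private bound as the logged-in user. Assumed: the openldap container resolves as "ldap", rcuser's password arrives in the RCUSER_PASS environment variable, one ou=<uid>,ou=private,ou=rcabook,... container is pre-created per user, and slapd ACLs grant the matching write rights.

```php
<?php
// Added example for config/config.inc.php, not the poster's file nor Roundcube's defaults.
// Assumed: the openldap container resolves as "ldap", rcuser's password is passed in the
// RCUSER_PASS environment variable, and ou=<uid>,ou=private,ou=rcabook,... exists per user.
$base   = 'ou=example.com,dc=some,dc=domain,dc=com';
$rcuser = "cn=rcuser,ou=system-accounts,$base";
$common = [                    // right operand of "+" below, so book-specific keys win
    'hosts'               => ['ldap'],
    'use_tls'             => true,    // STARTTLS: bind passwords must not cross the network in clear
    'filter'              => '(objectClass=inetOrgPerson)',
    'LDAP_Object_Classes' => ['top', 'inetOrgPerson'],
    'LDAP_rdn'            => 'cn',
    'required_fields'     => ['cn', 'sn', 'mail'],
    'search_fields'       => ['mail', 'cn'],
    'fieldmap'            => ['name' => 'cn', 'surname' => 'sn', 'firstname' => 'givenName', 'email' => 'mail:*'],
];
// 1. Company directory: the existing ou=users branch, read-only, with mail groups as contact groups.
$config['ldap_public']['directory'] = [
    'name'      => 'Example.com directory',
    'bind_dn'   => $rcuser,
    'bind_pass' => getenv('RCUSER_PASS'),
    'base_dn'   => "ou=users,$base",
    'filter'    => '(&(objectClass=inetOrgPerson)(mailEnabled=TRUE))',
    'writable'  => false,
    'groups'    => ['base_dn' => "ou=mail-groups,$base", 'filter' => '(objectClass=groupOfNames)',
                    'object_classes' => ['top', 'groupOfNames'], 'member_attr' => 'member', 'name_attr' => 'cn'],
] + $common;
// 2. Shared book (ou=public): writable through the service account, so slapd sees every
//    change as rcuser and cannot tell which user made it; bind per user if that matters.
$config['ldap_public']['shared'] = [
    'name'      => 'Shared contacts',
    'bind_dn'   => $rcuser,
    'bind_pass' => getenv('RCUSER_PASS'),
    'base_dn'   => "ou=public,ou=rcabook,$base",
    'writable'  => true,
] + $common;
// 3. Private book: rcuser only resolves the login name to a DN (%dn); Roundcube then binds as
//    that DN with the user's session password, so slapd ACLs on ou=%u decide what is writable.
$config['ldap_public']['private'] = [
    'name'           => 'My contacts',
    'user_specific'  => true,
    'search_base_dn' => "ou=users,$base",
    'search_filter'  => '(&(objectClass=inetOrgPerson)(uid=%u))',
    'search_bind_dn' => $rcuser,
    'search_bind_pw' => getenv('RCUSER_PASS'),
    'bind_dn'        => '%dn',
    'base_dn'        => "ou=%u,ou=private,ou=rcabook,$base",
    'writable'       => true,
] + $common;
$config['autocomplete_addressbooks'] = ['sql', 'directory', 'shared', 'private'];
```

Binding as %dn reuses the password Roundcube holds for the IMAP session, so each user's LDAP userPassword must be the same one they log in to mail with. OpenLDAP stores a userPassword exactly as it arrives in an LDIF add, so hash the values with slappasswd before import instead of adding them in clear as in the listing above.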