LDAP Address Book shows OUs

nikerossxp · July 26, 2023, 02:31:29 PM

Hi! The problem is: i added ldap address book, users are sorted by organisational units.

Roundcube shows OUs like subgroups, but i don't need it.

Tried to change filters - no result.

How to avoid it?

Dmitry42 · July 27, 2023, 06:26:51 AM

See us your config.

You use Active Directory or LDAP ?

nikerossxp · July 27, 2023, 12:23:58 PM

It's Active Directory.

Code Select

$config['ldap_public'] = array(
    'name' => array (
        'name' => 'Name',
        'hosts' => array('******'), 
		'sizelimit'      => '0',
		'timelimit'      => '60',
        'port' => 389,
        'use_tls' => false,
        'user_specific' => false,
	'encoding' => 'utf8',
        'base_dn' => 'OU=People,OU=Organisation,DC=test,DC=local',
        'bind_dn' => 'webmail@*****', 
        'bind_pass' => '****', 
        'writable' => false,
        'ldap_version' => 3,
		'search_fields'   => array('uid', 'givenName', 'cn', 'sn', 'mail'),
        'name_field' => 'name',
        'email_field' => 'mail',
        'surname_field' => 'sn',
        'firstname_field' => 'givenName',
        'organization_field'     => 'company',
        'jobtitle_field'    => 'title',
        'department_field'   => 'department',
		'vlv'			=> false,
		'numsub_filter'	=> '(objectClass=organizationalUnit)',
        'sort' => 'cn',
        'scope' => 'sub',
        'filter' => '(&(mail=*)(|(&(objectcategory=person)(!(objectClass=computer)))(objectClass=group)))',
        'global_search' => true,
        'fuzzy_search' => true
    ),
);

Dmitry42 · July 27, 2023, 12:30:26 PM

Try add to filter condition: "mail=*@domain.com" - for exclude OU or groups who haven't mail it attributes.

Or try like me: I have 2 addressbooks - one USERS and one MAILGROUPS.

For example my conf:

Quote
$config['ldap_public'] = [
'ldap_users' => [
'name' => 'COMPANY USERS',
'hosts' => ['1.1.1.1'],
'sizelimit' => 1000,
'use_tls' => false,
'user_specific' => false,
'base_dn' => 'OU=1,OU=2,DC=3,DC=local',
'bind_dn' => 'LDAP_USER',
'bind_pass' => 'LDAP_PASSWD',
'writable' => false,
'ldap_version' => 3,
'search_fields' =>['displayname','mail'],
'fieldmap' => [
'name' => 'displayname',
'email' => 'mail'
],
'sort' => 'displayname',
'scope' => 'sub',
'filter' => '(&(!(useraccountcontrol:1.2.840.113556.1.4.803:=2))(samaccountType=805306368)(mail=*@domain.com))', // not blocked users with email.
'fuzzy_search' => true,
'vlv' => false,
'vlv_search' => false
],
'ldap_groups' => [
'name' => 'MAILGROUPS',
'hosts' => ['1.1.1.1'],
'sizelimit' => 1000,
'use_tls' => false,
'user_specific' => false,
'base_dn' => 'OU=1,OU=2,DC=3,DC=local',
'bind_dn' => 'LDAP_USER',
'bind_pass' => 'LDAP_PASSWD',
'writable' => false,
'ldap_version' => 3,
'search_fields' => ['cn','mail'],
'fieldmap' => [
'name' => 'cn',
'email' => 'mail'
],
'sort' => 'cn',
'scope' => 'sub',
'filter' => '(&(objectCategory=group)(mail=*@domain.com))', // groups with email
'fuzzy_search' => true,
'vlv' => false,
'vlv_search' => false
]
];

nikerossxp · August 01, 2023, 07:46:25 PM

Thank you, i will try!

nikerossxp · August 07, 2023, 06:18:55 AM

Nope, it still shows included OUs

LDAP Address Book shows OUs

nikerossxp

Dmitry42

nikerossxp

Dmitry42

nikerossxp

nikerossxp