Author Topic: AB LDAP integration  (Read 5638 times)

Offline The Argon@ut

  • Newbie
  • *
  • Posts: 3
AB LDAP integration
« on: March 16, 2009, 09:43:23 AM »
Hi all,

I'm working with OSX Leopard Server 10.5.6 (openLDAP 2.3, PHP 5.2, perl 5.8.8).
I've created a centralized LDAP address book server using the ABxLDAP program (addressbook for LDAP) on every client, which synchronizes all the users' local address books with the LDAP server (openLDAP 2.3) using a custom schema (abxldap.schema). All works OK.

Now

I would like to connect the Roundcube addressbook with the centralized LDAP addressbook Server using the customized schema.
I've tried a lot of configurations... without results.
The base/bind credentials are the same ones that I used to successfully connect the ABxLDAP programs to the LDAP server.
Currently I use version 0.2.1 of Roundcube, and the LDAP section of my main.inc.php file is:

$rcmail_config['address_book_type'] = 'ldap';

$rcmail_config['ldap_public'] = array(Stancioli);

$rcmail_config['ldap_public']['Stancioli'] = array(
  'name'          => 'MyCompanyName',
  'hosts'         => array('servername.my.domain.name'),
  'port'          => 389,
  'use_tls'       => false,
  'user_specific' => true,
  'base_dn'       => 'cn=people,dc=servername,dc=my,dc=domain,dc=name',
  'bind_dn'       => 'uid=diradmin,cn=users,dc=servernamee,dc=my,dc=domain,dc=name',
  'bind_pass'     => 'mybindpassword',
  'writable'      => true,
  'required_fields'     => array("cn", "sn", "mail"),
  'LDAP_rdn'      => 'mail',
  'ldap_version'  => 3,
  'search_fields' => array('mail', 'cn'),
  'name_field'    => 'cn',
  'email_field'   => 'mail',
  'surname_field' => 'sn',
  'firstname_field' => 'givenName',
  'sort'          => 'cn',
  'scope'         => 'sub',
  'filter'        => '',
  'fuzzy_search'  => true);

$rcmail_config['autocomplete_addressbooks'] = array('Stancioli');

With this LDAP configuration, the RC addressbook appears as a horizontal 3-panel page (Groups, displayed name and details) where:
- in the groups panel only the first letter of my company name ("S") appears
- in the displayed name panel... nothing appears!
When I try to search for something... the "no contact found" message appears.
The following messages appear in my RC error.log file:
[16-Mar-2009 10:14:46] PHP Warning:  Invalid argument supplied for foreach() in /websites/roundcubemail-0.2.1/program/include/rcube_ldap.php on line 56
[16-Mar-2009 10:14:46] PHP Warning:  Invalid argument supplied for foreach() in /websites/roundcubemail-0.2.1/program/include/rcube_ldap.php on line 85
[16-Mar-2009 10:14:46 -0300] LDAP Error: Could not connect to any LDAP server, tried :A last (GET /?_task=addressbook&_action=search&_q=24&_source=0&_remote=1&_ts=1237209286014)

Now...

Where is my mistake? What is the cause of the problem?
Any suggestions are welcome!

Thanks.

Offline Numbski

  • Newbie
  • *
  • Posts: 8
AB LDAP integration
« Reply #1 on: March 16, 2009, 02:39:44 PM »
Quote from: The Argon@ut;17784

  'filter'        => '',


You have to filter for something.  Try this:

'filter' => 'sn=*'

Offline The Argon@ut

  • Newbie
  • *
  • Posts: 3
Nothing to do...
« Reply #2 on: March 17, 2009, 08:20:26 AM »
Thanks for the answer...
but... unfortunately adding a filter hasn't resolved my problem...
Same "no contact found" message, same error log entries (PHP and LDAP errors/warnings).
I've tried various filters, from your simple one to more complex ones... but nothing.
I'm quite sure that my configuration is OK... but it doesn't work!
There is one thing that I don't understand:
is the RC addressbook connected to the LDAP server? There is an LDAP connection error in my error log. I've used my directory administrator credentials to connect to the LDAP server (technically I have write properties over LDAP) but apparently the addressbook doesn't have permission to connect to the LDAP server...
And the PHP warnings? Why?

Any idea?
Thanks
« Last Edit: March 17, 2009, 08:28:30 AM by The Argon@ut »

Offline Numbski

  • Newbie
  • *
  • Posts: 8
AB LDAP integration
« Reply #4 on: March 17, 2009, 09:15:05 AM »
Quote from: The Argon@ut;17821
Thanks for the answer...
but... unfortunately adding a filter hasn't resolved my problem...
Same "no contact found" message, same error log entries (PHP and LDAP errors/warnings).
I've tried various filters, from your simple one to more complex ones... but nothing.
I'm quite sure that my configuration is OK... but it doesn't work!
There is one thing that I don't understand:
is the RC addressbook connected to the LDAP server? There is an LDAP connection error in my error log. I've used my directory administrator credentials to connect to the LDAP server (technically I have write properties over LDAP) but apparently the addressbook doesn't have permission to connect to the LDAP server...
And the PHP warnings? Why?

Any idea?
Thanks


Well, let's abstract this back a step then.  Go download (if you haven't already) jxplorer.  Connect up to your directory, and run the exact same query there.  You can do it from the command line as well if you feel comfortable.  If you're getting a good return there, then we can rule out your query params.

Here's a little test script I use that's in perl.

Code:

#!/usr/bin/env perl

use strict;
use warnings;

use Net::LDAP;
use Net::LDAP::Util qw(
                        ldap_error_text
                        ldap_error_name
                        ldap_error_desc
                        canonical_dn
                        );

my $ldap_server = 'my.ldap.server';
my $dn = 'my dn here'; # For authentication
my $password = 'my password here'; # ditto
my $basedn = 'dc=mydomain,dc=com';
my $filter = 'cn=*'; # simple as this or
# my $filter = "(&(sn=Barr) (o=Texas Instruments))"; # complicated like this.

print "Attempting to connect to $ldap_server.\n";
my $ldap = Net::LDAP->new($ldap_server) or die($@);
print "Connected.  Attempting to bind.\n";

my $mesg;

# bind to a directory with dn and password
$mesg = $ldap->bind( $dn,
                      password => $password
                   );

# a non-zero result code means the bind failed
if ($mesg->code) {
    die( "Error ", ldap_error_name($mesg) );
}

print "Bind successful.  Continuing.\n";

$mesg = $ldap->search(
                       base   => $basedn,
                       filter => $filter,
                     );

if ($mesg->code) {
    die( "Error ", ldap_error_name($mesg) );
}
else {
    # print the cn of every returned entry, sorted by cn
    foreach my $entry (sort { $a->get_value('cn') cmp $b->get_value('cn') } $mesg->entries) {
        print $entry->get_value('cn'), "\n";
    }
}

Offline The Argon@ut

  • Newbie
  • *
  • Posts: 3
Nothing to do...
« Reply #5 on: March 23, 2009, 04:17:12 PM »
Hi Numbski,

Well..
In the time since our last contact I've done various things...
First of all...
I noticed that my diradmin password contained a ' symbol... so the bind password section in main.inc.php was:
'bind_pass'     => 'xx'xxxx' (with one ' symbol in the middle of the password and another at the end)... so, probably, RC was trying to bind to the LDAP server with "half" a password.
I changed the diradmin password using the Apple instructions... all works OK.
I was practically sure that THIS was the cause of my problem... but, unfortunately, the problem has persisted...
Same LDAP connection error / PHP invalid foreach argument warnings.
So, I used JXplorer to bind to the LDAP server (with the new password) and I performed an LDAP query (cn=username *) with positive results.
I've verified that the PHP LDAP module is installed and working OK... all OK.
So, I installed phpldapadmin and tested a PHP LDAP connection to my LDAP server... OK.
I used an Advanced search form for testing the PHP LDAP connection, based on the parameters below:

Base DN: dc=servername,dc=my,dc=domain,dc=name
Search scope: sub
Search filter=givenName=*
Show attributes: cn, sn, givenName, mail
Ordered by: givenName
The result was a list of all my contacts ordered by firstnames...

I've modified my main.inc.php LDAP section with the parameters below:
$rcmail_config['address_book_type'] = 'ldap';

$rcmail_config['ldap_public'] = array(Stancioli);

 * example config for Verisign directory
 *
$rcmail_config['ldap_public']['Stancioli'] = array(
  'name'          => 'Stancioli',
  'hosts'         => array('servername.my.domain.name'),
  'port'          => 389,
  'use_tls'       => false,
  'user_specific' => true,
  // %fu - The full username provided, assumes the username is an email
  //       address, uses the username_domain value if not an email address.
  // %u  - The username prior to the '@'.
  // %d  - The domain name after the '@'.
  'base_dn'       => 'dc=servername,dc=my,dc=domain,dc=name',
  'bind_dn'       => 'uid=diradmin,cn=users,dc=servername,dc=my,dc=domain,dc=name',
  'bind_pass'     => 'newpassword',
  'writable'      => true,
  'LDAP_Object_Classes' => array("top", "person", "inetOrgPerson", "abxldapPerson"),
  'required_fields'     => array("givenName", "cn", "sn", "mail"),
  'LDAP_rdn'      => 'mail',
  'ldap_version'  => 3,
  'search_fields' => array('givenName', 'cn', 'sn', 'mail'),
  'name_field'    => 'cn',
  'email_field'   => 'mail',
  'surname_field' => 'sn',  
  'firstname_field' => 'givenName',
  'sort'          => 'givenName',  
  'scope'         => 'sub',
  'filter'        => 'givenName=*',
  'fuzzy_search'  => true);
*/

$rcmail_config['autocomplete_addressbooks'] = array('Stancioli');

I've queried "firstname *", "Firstname Surname", etc.etc. on the RC addressbook....nothing!
Same errors!!

The apache access.log says:
172.16.4.1 - - [23/Mar/2009:17:08:46 -0300] "GET /?_task=addressbook&_action=search&_q=firstname&_source=0&_remote=1&_ts=1237838926568 HTTP/1.1" 200 241
172.16.4.1 - - [23/Mar/2009:17:08:49 -0300] "GET /?_task=addressbook&_action=search&_q=omar%20*&_source=0&_remote=1&_ts=1237838929645 HTTP/1.1" 200 241
172.16.10.100 - - [23/Mar/2009:17:09:23 -0300] "OPTIONS * HTTP/1.0" 200 -
172.16.4.1 - - [23/Mar/2009:17:09:44 -0300] "GET /?_task=addressbook&_action=keep-alive&_t=1237838984147&_remote=1&_ts=1237838984147 HTTP/1.1" 200 77
172.16.10.100 - - [23/Mar/2009:17:10:01 -0300] "OPTIONS * HTTP/1.0" 200 -

The LDAP.log displays cyclic bsd_substring warnings:
Mar 23 16:59:06 xserve slapd[89947]: <= bdb_substring_candidates: (givenName) index_param failed (18)
Mar 23 16:59:06 xserve slapd[89947]: <= bdb_substring_candidates: (displayName) index_param failed (18)
Mar 23 16:59:06 xserve slapd[89947]: <= bdb_substring_candidates: (mail) index_param failed (18)
Mar 23 16:59:06 xserve slapd[89947]: <= bdb_substring_candidates: (apple-group-realname) index_param failed (18)

but I'm almost sure that they have nothing to do with my problem...

Now... how do I resolve this problem before putting my mental health at risk?
Any idea?
Thanks.

Offline The Argon@ut

  • Newbie
  • *
  • Posts: 3
Problem solved!
« Reply #6 on: March 23, 2009, 06:08:31 PM »
Problem solved!
...more than 20 days of testing and headaches...
...and the problem was a simple uncommenting error in main.inc.php.
I wasn't able to connect to the LDAP server simply because part of the LDAP section of main.inc.php was commented out...

@!!#$%GGRRRrrrrr"!!! (idiot..)

Thank you very much for the support...
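
The failure mode found at the end of this thread (a source named in ldap_public while its definition is still inside a comment block), as an added example that is not part of the original posts and is not Roundcube code. The function name check_ldap_public and both sample arrays are assumptions constructed for illustration; the checks use only config keys shown in the thread.

```php
<?php
// Added example, not Roundcube code: lint 'ldap_public' for the failure mode
// in this thread, where a source name is listed but has no active definition.
function check_ldap_public(array $ldap_public)
{
    $problems = array();
    foreach ($ldap_public as $key => $prop) {
        if (!is_array($prop)) {
            // A bare name such as array('Stancioli') with nothing behind it.
            $problems[] = "source '$key' is " . var_export($prop, true)
                . ', not a definition array';
            continue;
        }
        if (empty($prop['hosts']) || !is_array($prop['hosts'])) {
            $problems[] = "source '$key': 'hosts' must be a non-empty array";
        }
        foreach (array('name', 'base_dn') as $field) {
            if (!isset($prop[$field]) || $prop[$field] === '') {
                $problems[] = "source '$key': '$field' is missing or empty";
            }
        }
        if (!empty($prop['bind_pass']) && empty($prop['use_tls'])) {
            // Port 389 without TLS: the bind password crosses the network in clear.
            $problems[] = "source '$key': bind_pass set while use_tls is off";
        }
    }
    return $problems;
}

// Constructed sample: only the name list is active, definition commented out.
$commented_out = array('Stancioli');

// Constructed sample: definition active, values as posted in the thread.
$active = array('Stancioli' => array(
    'name'      => 'Stancioli',
    'hosts'     => array('servername.my.domain.name'),
    'port'      => 389,
    'use_tls'   => false,
    'base_dn'   => 'dc=servername,dc=my,dc=domain,dc=name',
    'bind_dn'   => 'uid=diradmin,cn=users,dc=servername,dc=my,dc=domain,dc=name',
    'bind_pass' => 'placeholder-password',   // placeholder, not a real value
));

foreach (array('commented out' => $commented_out, 'active' => $active) as $label => $cfg) {
    $found = check_ldap_public($cfg);
    echo $label, ': ', $found ? implode('; ', $found) : 'ok', "\n";
}
```

To lint a real installation, include main.inc.php and pass $rcmail_config['ldap_public'] to the function instead of the sample arrays.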