Some workaround. I figure out howto set filter, but I cannot search on whole domain (begin base_dn with dc=...) with scope sub and scope list. With scope base - everythink is ok, but i need sub. ldap_search in my testing php script is working on base dc. It's look like bug in roundcube, please somebody try it.
configuration and test:
This is ok:
$rcmail_config['ldap_public']['somedomain.cz'] = array(
'name' => 'somedomain.cz',
'hosts' => array('192.168.x.x'),
'port' => 389,
'base_dn' => 'ou=IT,dc=somedomain,dc=cz',
'bind_dn' => 'ldap@somedomain.cz',
'bind_pass' => '******',
'writable' => false,
'ldap_version' => 3,
'encoding' => 'utf8',
'search_fields' => array('Email', 'Name'),
'name_field' => 'cn', // this field represents the contact's name
'email_field' => 'mail', // this field represents the contact's e-mail
'firstname_field' => 'givenName',
'surname_field' => 'sn',
'sort' => 'cn',
'scope' => 'sub', // search mode: sub|base|list
'filter' => 'memberOf=CN=MAILIT,CN=USERS,DC=SOMEDOMAIN,DC=CZ',
'fuzzy_search' => true); // server allows wildcard search
This is not ok (search on whole domain without cn or ou):
$rcmail_config['ldap_public']['somedomain.cz'] = array(
'name' => 'somedomain.cz',
'hosts' => array('192.168.x.x'),
'port' => 389,
'base_dn' => 'dc=somedomain,dc=cz',
'bind_dn' => 'ldap@somedomain.cz',
'bind_pass' => '******',
'writable' => false,
'ldap_version' => 3,
'encoding' => 'utf8',
'search_fields' => array('Email', 'Name'),
'name_field' => 'cn', // this field represents the contact's name
'email_field' => 'mail', // this field represents the contact's e-mail
'firstname_field' => 'givenName',
'surname_field' => 'sn',
'sort' => 'cn',
'scope' => 'sub', // search mode: sub|base|list
'filter' => 'memberOf=CN=MAILIT,CN=USERS,DC=SOMEDOMAIN,DC=CZ',
'fuzzy_search' => true); // server allows wildcard search
Error in ldap_debug log "roundcube/logs/ldap":
[date time]: C: Search [MAILIT,CN=USERS,DC=SOMEDOMAIN,DC=CZ]
[date time]: S: Operations error
It works in ldp.exe on Windows Domain server:
BaseDn:
DC=SOMEDOMAIN,DC=CZ
Filter:
memberOf=CN=MAILIT,CN=USERS,DC=SOMEDOMAIN,DC=CZ
OUTPUT:
***Searching...
ldap_search_s(ld, "DC=SOMEDOMAIN,DC=CZ", 2, "memberOf=CN=MAILIT,CN=Users,DC=SOMEDOMAIN,DC=CZ", attrList, 0, &msg)
Result <0>: (null)
Matched DNs:
Getting 2 entries:
>> Dn: CN=Martin XY,OU=IT,DC=SOMEDOMAIN,DC=CZ
4> objectClass: top; person; organizationalPerson; user;
1> cn: Martin XY;
1> distinguishedName: Martin XY,OU=IT,DC=SOMEDOMAIN,DC=CZ;
1> name: Martin XY;
1> canonicalName: SOMEDOMAIN/OIT/Martin XY;
>> Dn: CN=test2 test2,CN=Users,DC=SOMEDOMAIN,DC=CZ
4> objectClass: top; person; organizationalPerson; user;
1> cn: test2 test2;
1> distinguishedName: CN=test2 test2,CN=Users,DC=SOMEDOMIAN,DC=CZ;
1> name: test2 test2;
1> canonicalName: SOMEDOMAIN/Users/test2 test2;
Server:
Debian stable Lenny: Linux roundcube 2.6.26-2-686 #1 SMP Tue Mar 9 17:35:51 UTC 2010 i686 GNU/Linux
php5: PHP Version 5.2.6-1+lenny8
Active directory Win2k3
Roundcube 0.3 stable.