Roundcube Community Forum

 

LDAP Address Book

Started by digitalexpl0it, September 04, 2009, 01:05:17 PM


digitalexpl0it

Hello,

I am trying to connect to my Active Directory to grab the accounts and generate a Global Address List, but I am not having much luck. When I try to load the address book, nothing happens. I connect to our DC with PHP (php_ldap) for projects I have written, and they work fine on the same box. Please help me configure Roundcube. Thank you.

Config snippet:

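// Roundcube LDAP address book definition for the "Caltrop" directory.
// This is the variant that binds with the logged-in user's own credentials.
$rcmail_config['ldap_public']['Caltrop'] = array(
  'name'          => 'Global Address Book',
  'hosts'         => array('192.168.10.3'),
  'port'          => 389,
  // NOTE(review): with use_tls off on port 389, the bind DN and password below
  // cross the network unencrypted on every bind. Set this to true once the
  // domain controller presents a certificate the web server trusts.
  'use_tls'       => false,
  'user_specific' => true,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
  // %fu - The full username provided, assumes the username is an email
  //       address, uses the username_domain value if not an email address.
  // %u  - The username prior to the '@'.
  // %d  - The domain name after the '@'.
  'base_dn'       => 'ou=caltrop users,dc=caltrop,dc=corp',
  // NOTE(review): the posted value was mangled by e-mail obfuscation
  // ("%[email protected]"); '%u@caltrop.corp' is a reconstruction - confirm.
  'bind_dn'       => '%u@caltrop.corp',
  // NOTE(review): '%p' is not one of the placeholders documented above
  // (%fu, %u, %d) - verify that this Roundcube version expands it.
  'bind_pass'     => '%p',
  'writable'      => false,   // Indicates if we can write to the LDAP directory or not.
  // If writable is true then these fields need to be populated:
  // LDAP_Object_Classes, required_fields, LDAP_rdn
  'LDAP_Object_Classes' => array("top", "inetOrgPerson"), // To create a new contact these are the object classes to specify (or any other classes you wish to use).
  'required_fields'     => array("cn", "sn", "mail"),     // The required fields needed to build a new contact as required by the object classes (can include additional fields not required by the object classes).
  'LDAP_rdn'      => 'mail', // The RDN field that is used for new entries, this field needs to be one of the search_fields, the base of base_dn is appended to the RDN to insert into the LDAP directory.
  'ldap_version'  => 3,       // using LDAPv3
  'search_fields' => array('mail', 'cn', 'sAMAccountName', 'displayname', 'sn'),  // fields to search in
  'name_field'    => 'displayname',    // this field represents the contact's name
  'email_field'   => 'mail',  // this field represents the contact's e-mail
  'surname_field' => 'sn',    // this field represents the contact's last name
  'firstname_field' => 'gn',  // this field represents the contact's first name
  'sort'          => 'cn',    // The field to sort the listing by.
  'scope'         => 'sub',   // search mode: sub|base|list
  'filter'        => '(&(sn=*))',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
  'fuzzy_search'  => true);   // server allows wildcard search


// An ordered array of the ids of the addressbooks that should be searched
// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
$rcmail_config['autocomplete_addressbooks'] = array('sql', 'Caltrop');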

digitalexpl0it

The following code is how I grab everyone from AD using PHP in my own script; trying to adapt that to Roundcube doesn't seem to work.


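/**
 * List the display names of the people under the "caltrop users" OU.
 *
 * Binds to the directory server as "<name>@caltrop.corp" with the supplied
 * password, searches the OU for entries that have a surname, and returns
 * their displayname values.
 *
 * Security notes:
 *  - This is a simple bind over a plain ldap_connect() link, so the password
 *    is sent unencrypted. Call ldap_start_tls($ldapconn) before ldap_bind(),
 *    or connect with an ldaps:// URI, once the server presents a certificate
 *    this host trusts.
 *  - The names are returned as raw directory values; escape them for the
 *    output context (e.g. htmlspecialchars() for HTML) where they are printed.
 *
 * Terminates the script with die() when connecting, setting a connection
 * option or binding fails.
 *
 * @param string $name Account name without the domain part.
 * @param string $pass Password for that account.
 * @return string Display names in descending order, each followed by a line
 *                break; '' when nothing was found or the search failed.
 */
function user_directory($name, $pass) {
    $adServer = "192.168.10.2";
    $dn       = "ou=caltrop users,dc=caltrop,dc=corp";

    // A simple bind that carries a DN but an empty password is an
    // "unauthenticated bind" (RFC 4513, 5.1.2); servers may report it as
    // successful, so an empty credential must never reach ldap_bind().
    if ((string) $name === '' || (string) $pass === '') {
        die("Couldn't bind to AD!");
    }

    $ldapconn = ldap_connect($adServer) or die("Could not connect to LDAP server.");

    // The options must be set on the handle that is used for the bind.
    ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3) or die("Could not set ldap protocol");
    ldap_set_option($ldapconn, LDAP_OPT_REFERRALS, 0) or die("Could not set option referrals");

    $ldaprdn = $name . "@caltrop.corp";
    ldap_bind($ldapconn, $ldaprdn, $pass) or die("Couldn't bind to AD!");

    $filter    = "(&(sn=*))";
    $justthese = array("displayname");
    $sr = ldap_search($ldapconn, $dn, $filter, $justthese);
    if ($sr === false) {
        ldap_unbind($ldapconn);
        return '';
    }

    $info = ldap_get_entries($ldapconn, $sr);

    // Release the result and the connection before returning; cleanup placed
    // after the return statement would never run.
    ldap_free_result($sr);
    ldap_unbind($ldapconn);

    $names = array();
    $count = is_array($info) ? $info["count"] : 0;
    for ($i = 0; $i < $count; $i++) {
        // Entries without a displayname are skipped instead of adding blank lines.
        if (isset($info[$i]["displayname"][0])) {
            $names[] = $info[$i]["displayname"][0];
        }
    }

    // ldap_sort() was deprecated in PHP 7.0 and removed in PHP 8.0, so the
    // ordering is done here. The posted loop prepended each name to a list
    // sorted ascending, which yields descending order; rsort() keeps that.
    rsort($names, SORT_STRING);

    // NOTE(review): the separator appears as a literal line break in the posted
    // code; it may have been an HTML tag before the forum rendered it - confirm.
    $dir_list_name = '';
    foreach ($names as $displayName) {
        $dir_list_name .= $displayName . "\n";
    }

    return $dir_list_name;
}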

digitalexpl0it

ok I got it working, it was a bind user issue, looked at the logs.

this works with AD win 2003

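// Roundcube LDAP address book definition for the "Caltrop" directory
// (reported in the post as working against Active Directory on Windows 2003).
// This variant binds with one fixed account instead of the user's own login.
$rcmail_config['ldap_public']['Caltrop'] = array(
  'name'          => 'Global Address Book',
  'hosts'         => array('192.168.10.3'),
  'port'          => 389,
  // NOTE(review): with use_tls off on port 389, the bind account's password
  // crosses the network unencrypted on every bind. Set this to true once the
  // domain controller presents a certificate the web server trusts.
  'use_tls'       => false,
  // NOTE(review): user_specific is still true although a fixed bind_dn and
  // bind_pass are supplied below - confirm which credentials this Roundcube
  // version actually binds with.
  'user_specific' => true,   // If true the base_dn, bind_dn and bind_pass default to the user's IMAP login.
  // %fu - The full username provided, assumes the username is an email
  //       address, uses the username_domain value if not an email address.
  // %u  - The username prior to the '@'.
  // %d  - The domain name after the '@'.
  'base_dn'       => 'ou=caltrop users,dc=caltrop,dc=corp',
  // NOTE(review): the account name was lost to e-mail obfuscation in the post
  // ("[email protected]"); '<bind-account>' is a placeholder and the domain part
  // is assumed from the rest of the thread. Use a dedicated account that has
  // read-only access to this OU and no other rights in the domain.
  'bind_dn'       => '<bind-account>@caltrop.corp',
  // This password is stored in clear text: keep the config file readable only
  // by the web-server user, and replace the value before sharing the file.
  'bind_pass'     => 'secertpassword',
  // 'writable' only tells Roundcube not to offer edits; what the bind account
  // may change is decided by its permissions in the directory.
  'writable'      => false,   // Indicates if we can write to the LDAP directory or not.
  // If writable is true then these fields need to be populated:
  // LDAP_Object_Classes, required_fields, LDAP_rdn
  'LDAP_Object_Classes' => array("top", "inetOrgPerson"), // To create a new contact these are the object classes to specify (or any other classes you wish to use).
  'required_fields'     => array("cn", "sn", "mail"),     // The required fields needed to build a new contact as required by the object classes (can include additional fields not required by the object classes).
  'LDAP_rdn'      => 'mail', // The RDN field that is used for new entries, this field needs to be one of the search_fields, the base of base_dn is appended to the RDN to insert into the LDAP directory.
  'ldap_version'  => 3,       // using LDAPv3
  'search_fields' => array('mail', 'cn', 'sAMAccountName', 'displayname', 'sn', 'givenName'),  // fields to search in
  'name_field'    => 'cn',    // this field represents the contact's name
  'email_field'   => 'mail',  // this field represents the contact's e-mail
  'surname_field' => 'sn',    // this field represents the contact's last name
  'firstname_field' => 'givenName',  // this field represents the contact's first name
  'sort'          => 'cn',    // The field to sort the listing by.
  'scope'         => 'sub',   // search mode: sub|base|list
  'filter'        => 'mail=*@*',      // used for basic listing (if not empty) and will be &'d with search queries. example: status=act
  'global_search' => true,
  'fuzzy_search'  => true);   // server allows wildcard search


// An ordered array of the ids of the addressbooks that should be searched
// when populating address autocomplete fields server-side. ex: array('sql','Verisign');
$rcmail_config['autocomplete_addressbooks'] = array('sql', 'Caltrop');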