[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Shared Addressbook using LDAP

Tarak Ranjan <contacttrm@yahoo.co.in> writes:

> Hi List,
>  I am configuring a shared addressbook for
> squirrelmail. 
> but the problem is it's showing the only single email
> address of the user, using that email id i'm login
> into the webmail.
> here is my slapd.conf.
> include         /etc/openldap/schema/core.schema
> include         /etc/openldap/schema/cosine.schema
> include        
> /etc/openldap/schema/inetorgperson.schema
> allow bind_v2
> pidfile         /var/run/openldap/slapd.pid
> argsfile        /var/run/openldap/slapd.args
> loglevel        256
> access to *
>         by self write
>         by anonymous auth
>         by users read
> access to
> dn.children="ou=addressbook,dc=mail,dc=example,dc=com"
> by self write
> by anonymous read
> by users read

I presume that the access rules for dn.children=ou=addressbook.. are
not taken by cut and paste from your slapd.conf file, otherwise this
rules are not honored, as the rules have to be written in a folded line.
With regard to your question, change the rule
dn.children=ou=addressbook... to dn.subtree=ou=addressbook..
If you want to protect the base entry ou=addressbook, define something
access to 
       dn.base=ou=addressbook... attrs=entry,children by ...
access to dn.children=ou=addressbook... by...


Dieter Klünter | Systemberatung