[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP as an address book for MS Outlook



Howard Chu wrote:
> > Victor Sudakov wrote:
> >>
> >> I have been trying to investigate what is needed in OpenLDAP to have
> >> Microsoft Outlook 2007 display a list of names in the addressbook when
> >> first accessed in the same way that it does with ActiveDirectory/Exchange.
> >
> > Here is a dump of an LDAP session between Microsoft Outlook and a
> > CommunigatePro server: http://zalil.ru/34017194 where a list of names
> > is being displayed.
> >
> > Could someone with sufficient LDAP knowledge look at it and advise how to
> > configure OpenLDAP to achieve the same result?
> 
> Your trace shows two supportedControls and two supportedCapabilities. The 
> controls are for server-side sorting and paged results. OpenLDAP supports 
> paged results intrinsically, and server-side sorting when the sssvlv overlay 
> is configured. If those aren't sufficient to make Outlook behave, then things 
> get trickier.

Howard,

I have enabled the sssvlv overlay and now I have them in the server:

[vas@gw ~] ldapsearch -h localhost -b '' -s base + | egrep
'1.2.840.113556.1.4.800|1.2.840.113556.1.4.1791|1.2.840.113556.1.4.319|1.2.840.113556.1.4.473'
supportedControl: 1.2.840.113556.1.4.473
supportedControl: 1.2.840.113556.1.4.319
[vas@gw ~] 

However, Outlook still does not show the list of addresses. So I think the
next step is necessary.

> 
> supportedCapabilities is not a standard attribute, it appears to be specific 
> to M$AD. The two supportedCapabilities in your trace are:
> 1.2.840.113556.1.4.800	LDAP_CAP_ACTIVE_DIRECTORY_OID
> 1.2.840.113556.1.4.1791	LDAP_CAP_ACTIVE_DIRECTORY_LDAP_INTEG_OID
> 
> If your sssvlv is configured correctly, and Outlook sees both Server Side 
> Sorting and Paged Results in the supportedControls that OpenLDAP returns, but 
> it still doesn't do what you want, then apparently Outlook requires the server 
> to claim to be Active Directory.

It seems to be so. I did not explicitely configure any sssvlv-* options
however, I just enabled the overlay in slapd.conf.

> 
> You could fake this, by copying the schema definition of the 
> supportedCapabilities attribute and loading it into slapd. You would also need 
> to populate the values. You can use the "rootdse" directive to do that. I 
> would guess you only need the first capability, but I don't use Outlook so 
> have no way to verify this.

Could you please be more specific how I can load the attribute into slapd
and populate it? Please refer me to an example. 

Thank you very much in advance.

-- 
Victor Sudakov,  VAS4-RIPE, VAS47-RIPN
sip:sudakov@sibptus.tomsk.ru