
Installing LDAP

My project for the day was to get an LDAP address book running, so I can get rid of pieces of paper with phone numbers. Eventually I'd like to be able to sync my cellphone against it (easy, cos the software for the phone can take a CSV and I'm sure I could write a connector if I wanted), and I want to be able to read it from MicrosoftOutlook/OutlookExpress and XimianEvolution, and write to it with at least Evolution (pref. everything, but you can't always get what you want.)

These notes may be slightly Debian specific, YMMV, etc.

There is also an article about Building an Address Book with OpenLDAP on ONLamp.

1. Install slapd

# apt-get install slapd ldap-utils

The following extra packages will be installed
libgtk1.2 libgtk1.2-common libiodbc2

Why does my server need GTK, you say? Well, on Debian Woody, OpenLDAP requires ODBC, ODBC requires ODBC-setup and ODBC-setup requires libgtk. Or something similar. (Fixed in testing - see LDAPNotes.)

When you install the server, use your hostname for the LDAP root DN - my hostname is ellusions.tla so my DN becomes dc=ellusions,dc=tla.

Depending on how you install the packages, you may not be offered the choice of domain name. If you are not asked, the name could default to something useless like 'localhost', so use:

dpkg-reconfigure -plow slapd

2. Get your existing contacts

By far the easiest way I found to get contacts out of Outlook and into LDIF was using MozillaMail as an intermediate step. Export whatever fields you need to a CSV, fire up Mozilla and its address book, import the file, line up the fields (be careful here!) and then you have all your data in Mozilla's address book. From the Tools menu, click Export, to LDIF - done.

I also found a Perl script that converts CSV to LDIF but then you'll have to manually align the fields.

3. Create an OU (OrganisationalUnit) for your contacts

Create a file called 'ou.ldif' that contains something like this (edit for your DN):

dn: ou=Contacts, dc=ellusions, dc=tla
objectClass: top
objectClass: organizationalUnit
ou: Contacts

Then import it with

# ldapadd -W -x -D "cn=admin,dc=ellusions,dc=tla" -f ou.ldif
Enter LDAP Password: xxxxxxxx
adding new entry "ou=Contacts, dc=ellusions, dc=tla"

Done!

4. Modify the output from the export to fit your DN

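You need to run a substitution or two over your file. Create a Perl script

#!/usr/bin/perl -pi
# Replace Mozilla's mail=(emailaddr) DN component with your own base DN
s/mail=.*/ou=Contacts,dc=ellusions,dc=tla/;
# Drop the modify time, which a standard ldap add can't set
s/modifytimestamp.*\n//;
# Drop Mozilla's obsolete object class
s/objectclass: mozillaAbPersonObsolete.*\n//;

e.g. as fix-ldif, and run it (don't forget to chmod a+x)

# ./fix-ldif contacts.ldif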

The first substitution takes mail=(emailaddr) (Mozilla's DN) and replaces it with your own. The second removes the modify time, which a standard ldap add can't set.

Then remove any givenName and sn blocks and use this
# perl -pi -e '$_ .= "givenName: $1\n" . "sn: $2\n" if /^cn: \s+ (\w+) \s+ (.*)//x' contacts.ldif

If this works (it should), it should be added to the script above. --AristotlePagaltzis

No, it doesn't. Afterwards my contacts.ldif was empty :-( --Susanne Wenz
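The rewrite from this step as one Python script, an added example that is not part of the original page: instead of regex-replacing `mail=...`, it rebuilds each DN from `cn` with RFC 4514 escaping (so a comma in a name cannot split the DN), drops the two Mozilla-only lines, and fills in a missing `sn`, the cause of the "Other error" listed under Caveats. `BASE_DN` is the page's example DN; the function names and the sample entries are constructed for illustration.

```python
import base64
import re

BASE_DN = "ou=Contacts,dc=ellusions,dc=tla"  # the page's example DN; edit for yours
DROP = re.compile(r"(modifytimestamp|objectclass:\s*mozillaAbPersonObsolete)\b", re.I)

def escape_rdn(value):
    """Escape RFC 4514 specials so a contact's name cannot change the DN."""
    return re.sub(r'^#|[\\,+"<>;=]', lambda m: "\\" + m.group(), value.strip())

def attr(line):
    """Split an LDIF line into (lower-cased name, decoded value)."""
    name, _, rest = line.partition(":")
    if rest.startswith(":"):  # "name:: <base64>" carries non-ASCII text
        rest = base64.b64decode(rest[1:]).decode("utf-8")
    return name.lower(), rest.strip()

def ldif_line(name, value):
    """Write the value as plain text when LDIF allows it, else as base64."""
    if re.fullmatch(r"[\x21-\x39\x3b\x3d-\x7e][\x20-\x7e]*(?<! )", value):
        return "%s: %s" % (name, value)
    return "%s:: %s" % (name, base64.b64encode(value.encode("utf-8")).decode())

def fix_entry(lines):
    """Rewrite one entry (list of lines); None if it has no cn to name it by."""
    kept = [l for l in lines if not DROP.match(l) and not l.lower().startswith("dn:")]
    attrs = dict(reversed([attr(l) for l in kept]))  # first occurrence wins
    if not (cn := attrs.get("cn")):
        return None
    out = [ldif_line("dn", "cn=%s,%s" % (escape_rdn(cn), BASE_DN))] + kept
    if "sn" not in attrs:  # no sn: use the text after the first word, or the whole cn
        out.append(ldif_line("sn", cn.partition(" ")[2].strip() or cn))
    return out

def fix_ldif(text):
    """Rewrite a whole export; returns (LDIF text, count of skipped entries)."""
    text = re.sub(r"\n ", "", text.replace("\r\n", "\n"))  # unfold wrapped lines
    entries = [fix_entry(b.splitlines()) for b in re.split(r"\n\s*\n", text.strip())]
    good = ["\n".join(e) for e in entries if e]
    return "\n\n".join(good) + "\n", len(entries) - len(good)

# Constructed sample shaped like a Mozilla export (not real contact data).
SAMPLE = ("dn: cn=Acme, Inc.,mail=info@example.com\nobjectclass: mozillaAbPersonObsolete\n"
          "objectclass: person\ncn: Acme, Inc.\nmail: info@example.com\nmodifytimestamp: 0Z\n\n"
          "dn: cn=Foo\nobjectclass: person\ncn: Foo\n\n"
          "dn: mail=nobody@example.com\nmail: nobody@example.com\n")

if __name__ == "__main__":
    print(fix_ldif(SAMPLE)[0], end="")
```

Entries without a `cn` are counted and left out rather than imported under a guessed name, so check the second return value before running ldapadd on the result.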

Now import them in much the same way:

5. Connect Evolution to your address book

In the Tools menu, click Settings. Select Directory Server and Add a new connection. Follow the wizard, adding the name of your server, binding by DN (use cn=admin,dc=ellusions,dc=tla at this point).

When you save this, you will see an entry for your LDAP server under "Other Contacts". If you click it it should ask you for a password (once, use your root DN password) - upon success you will see no contacts. Click "Clear" on the search field on top of the box and they should populate. You can then add/edit/search the contacts.

Ximian Evolution assumes that you will not have write access to your LDAP address book unless you have authenticated with the LDAP server.

6. Caveats

  • You will see a contact with "Department: Contacts". This is the OU; you can't do anything with this.
  • If you try and create a user 'Foo', you will get a failure (Error adding card: Other error) which equates to "no sn: field in LDAP".
  • You shouldn't use the root DN - the next update will concern creating an LDAP user and giving them access to the contacts, but I might tie that into migrating all my system users to LDAP as well.
  • If you are trying to export address books from Mozilla to use via LDAP in Mozilla, it might help to be aware of some bugs: http://bugzilla.mozilla.org/show_bug.cgi?id=116692 contains links to an official Mozilla LDAP Schema and a Perl script to help convert the current LDIF export to conform with this schema.

The following authors of this page have not agreed to the WlugWikiLicense. As such copyright to all content on this page is retained by the original authors.
  • JackWasey
  • SusanneWenz