[olug] LDAP-abook w/MS Outlook

Phil Brutsche phil at giedi.obix.com
Fri Feb 22 18:59:22 UTC 2002


A long time ago, in a galaxy far, far away, someone said...

> I'm going to setup an LDAP server on a Linux machine.  My goal is to get
> an addressbook that anybody here can use for MSOutlook.  Has anybody in
> the group set this up before?

Yes

> I'm still in the beginning stages of reading about LDAP and how to set
> the server up.  I was looking at ldap-abook on freshmeat but it seems
> stagnant and some of the download links for the files it needs are
> missing.  Has anybody used ldap-abook before?

I've never used ldap-abook - I ended up taking a few hours and writing my
own in PHP3.

BTW, this is something I posted to the list about 6 months ago about
setting up a LDAP server:

-------------------------------------------------------------------------

From pbrutsch at creighton.edu Fri Feb 22 12:57:13 2002
Date: Mon, 9 Jul 2001 23:23:37 -0500 (CDT)
From: Phil Brutsche <pbrutsch at creighton.edu>
Reply-To: "olug at bstc.net" <olug at bstc.net>
To: OLUG <olug at bstc.net>
Subject: [olug] LDAP

Considering some people had missed my talk about LDAP a couple weeks ago,
and since I had gotten a few details wrong :) I decided to be a nice guy
and show off what I did to make LDAP work in the last 30 minutes.

I'm using OpenLDAP 2.0.11; it compiles effortlessly on, well, lotsa stuff
:)

Once installed, the LDAP software needs to be configured, which is
straightforward.  All you need to define are the schema used in the
directory(ies), what database formats to use, where the database files
will be stored, as well as access control information.  The config file
I've used for this example is at http://giedi.obix.com/~phil/slapd.conf.

Once configured, the LDAP directory needs some basic info about the
structure the directory is going to take; this needs to be done before any
entries can be added.

One thing that needs to be remembered is that LDAP is organized into a
sort of "tree" structure, read from right to left.  That means that, when
you see:

ou=people,o=somecompany,c=us

You read it as:

The "organizational unit" people is part of the organization
"somecompany"; the organization "somecompany" is part of the country "US",
the United States.

This is what makes up the search base: all the leaves and branches below
this "trunk" will be searched and nothing else.

A unique entry in the directory is identified by the "distinguished name"
- "DN" for short; DNs can have authentication information associated with
them.  This makes them a sort of "user" in the directory, capable of
performing (potentially) privileged actions on the directory.

LDAP directories also have one or more "root DNs" - these behave as a
super-user on a unix-type system; they can change anything, read anything,
add anything, and delete anything.

Most LDAP servers work with a format called LDIF (ldap database
interchange format, or something like that).  The LDIF data I "primed" my
database with is at http://giedi.obix.com/~phil/olug.ldif.

That's all you need to build a basic directory service.  Simple, isn't it
:)

I've put up a web-based client for querying the directory at
http://giedi.obix.com/~phil/ldap.php3.  Source for this client is at
http://giedi.obix.com/~phil/ldap.txt.

The directory service is also accessible to "traditional" ldap clients
like Netscape Communicator, Outlook Express, and Pine; the host name is
giedi.obix.com and the search root is "ou=people,dc=olug,dc=org".

That concludes tonight's public service announcement.  Stay tuned on this
penguin-channel for further updates!  (aka tomorrow I'm going to talk
about pam_ldap and nss_ldap unless someone beats me to it)

-------------------------------------------------------------------------

My sample LDAP server isn't up and running any more, but that should be
enough to get you a good start.

-- 

Phil
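
Added example, not part of the original post or of Phil's PHP client: a small Python sketch of the right-to-left DN reading and the search-base rule described above, which decides whether an entry falls under the search root "ou=people,dc=olug,dc=org". The entry DNs are constructed samples, and comparing values case-insensitively is an assumption; escaped commas are handled because a plain string-suffix check misjudges them.

```python
# Added example: DN parsing and search-base scoping (not from the original post).
# Simplified RFC 4514 handling: backslash escapes are honoured; multi-valued RDNs
# and hex-encoded values are not interpreted. Case-insensitive values: assumption.
BASE = "ou=people,dc=olug,dc=org"  # search root quoted in the post

def split_dn(dn):
    """Split a DN into RDN strings, leftmost (most specific) first."""
    rdns, current, escaped = [], [], False
    for ch in dn:
        if escaped:
            current.append(ch)          # escaped char is data, even a comma
            escaped = False
        elif ch == "\\":
            current.append(ch)
            escaped = True
        elif ch == ",":
            rdns.append("".join(current))
            current = []
        else:
            current.append(ch)
    if escaped:
        raise ValueError("dangling backslash at end of DN")
    rdns.append("".join(current))
    return rdns

def normalize(dn):
    """Return [(attr, value), ...] lowercased and stripped, leftmost first."""
    out = []
    for rdn in split_dn(dn):
        attr, sep, value = rdn.partition("=")
        if not sep or not attr.strip() or not value.strip():
            raise ValueError(f"malformed RDN: {rdn!r}")
        out.append((attr.strip().lower(), value.strip().lower()))
    return out

def tree_path(dn):
    """Root-first path: the right-to-left reading of a DN."""
    return list(reversed(normalize(dn)))

def in_search_base(entry_dn, base_dn=BASE):
    """True if entry_dn is the base itself or sits anywhere below it."""
    entry, base = tree_path(entry_dn), tree_path(base_dn)
    return len(entry) >= len(base) and entry[:len(base)] == base

if __name__ == "__main__":
    for dn in ("cn=Jane Doe,ou=people,dc=olug,dc=org",      # constructed
               r"cn=x\,ou=people,dc=olug,dc=org"):          # constructed
        print(dn, "->", in_search_base(dn))
```

The second sample is a single entry named "x,ou=people" directly under dc=olug,dc=org, so it is outside the search root even though the raw string ends with it.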


