Announcement

Collapse
No announcement yet.

global addressbook: LDAP bind

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Dennis Sieben
    replied
    Caching is not the only issue. And by the way it's implemented and can be activated in the properties (not for search atm, but for listing). But there are other things which must be changed in our architecture to make this work.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    display limited results

    I would have thought that you would simply limit the number of search results.
    In ldap can't you just set the page size for the results to be say 10, and just ask for the first 10, or would this still cause server load?

    I am currently using horde, which uses auto complete - I guess the size of my environment and the power of the server means this isn't an issue for me.

    Leave a comment:


  • Martin Heiland
    replied
    Would it be possible to cache the ldap search response for a search at the autocomplete and search at the cached results instead of querying ldap over and over for a subset of the already delivered response?

    Leave a comment:


  • Dennis Sieben
    replied
    Autocomplete is disabled at the moment due to load issues. Every keyboard hit will search the ldap directory, which will cause a lot of load, especially in big environments. But you can click on "To:" and select the the folder, then it will work.

    HTH,

    Dennis

    Leave a comment:


  • Guest's Avatar
    Guest replied
    not usable

    Although I can see the users in ldap, I cannot use them for anything.
    Users don't auto complete and I can't click on a user to send an email.
    Guess I'll have to leave it for another 6 months again :-(

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Thanks

    Great, Thanks for that.
    I'll modify my config not to use AdminDN then for the moment.
    It's an annoyance, but not a show stopper by any means for me.

    Great I've got ldap working now though :-D

    Thanks for your help again

    Leave a comment:


  • Dennis Sieben
    replied
    Yes, contacts-ldap is currently read-only, this is hard-coded so there no way to change this at the moment.

    For the access 3 types are possible: anonymous, admin and user. The difference between admin and user is that the first one has fixed credentials and passwords set in the config file while user searches the user to authenticate with in the ldap tree before authentication. Just see the config file and the documentation for details.

    Regards,

    Dennis

    Leave a comment:


  • Guest's Avatar
    Guest replied
    ldap working

    As promised I said I'd try again ;-)

    It seems to be working much much better now, same configs but it just works.
    One thing I can't work out is that although the contacts appear I get
    "You do not have write permission for this object"

    From what I can see this has nothing to do with ldap, as I have set everything to use AdminDN and set the admin DN correctly.
    Is there any way of setting this to read/write?

    If this is ldap, how does open-xchange pick up the user access?
    From what I can see its either anonymous or admin ?

    Am I missing something?
    Attached Files
    Last edited by deadmalc; 02-10-2010, 06:57 PM.

    Leave a comment:


  • Guest's Avatar
    Guest replied
    Thank you for all the information.

    Leave a comment:


  • Dennis Sieben
    replied
    Just seen this Thread. If you are still interested in resolving this problem, please paste your config files all below /opt/open-xchange/etc/groupware/contacts-ldap are needed.

    Thanks in advance,

    Dennis

    Leave a comment:


  • Guest's Avatar
    Guest replied
    ldap contacts

    I've pretty much given up on this, there is no real clue as to what the issue is or any documentation for it so I think it's probably best if I drop using open-xchange and try it again in a year or to

    Thanks for you help so far

    Leave a comment:


  • Guest's Avatar
    Guest replied
    ldap error

    Thanks for that I worked out the problems with my config there, I see the new folder, but now I'm getting this error.

    I am using redhat directory server btw, I tried altering the page size but that made no difference (I set it to 1,100,1000 and 1500)

    Jul 28, 2009 6:10:22 PM com.openexchange.tools.exceptions.DefaultLoggingLo gic internalError
    SEVERE: An internal error occurred: PERMISSION-0002 Category=7 Message=An error occured while trying to read an LDAP attribute: [LDAP: error code 12 - Unavailable Critical Extension] exceptionID=-904208431-7
    PERMISSION-0002 Category=7 Message=An error occured while trying to read an LDAP attribute: [LDAP: error code 12 - Unavailable Critical Extension] exceptionID=-904208431-7

    The ldap logs show:

    [28/Jul/2009:19:37:02 +0100] conn=6083 op=2 SRCH base="ou=Address Book,dc=xxxxxx,dc=com" scope=1 filter="(|(objectClass=top)(objectClass=person)(ob jectClass=organizationalPerson)(objectClass=inetOr gPerson))", failed to decode LDAP controls

    I got the search filter from horde which works fine, but I've tried every search filter, and the username stuff is fine.

    Leave a comment:


  • Martin Heiland
    replied
    Hi,

    no that has nothing to do with authentication. Its just that the ldap configuration is active for context 111 which does not seem to exist on your server. Please check the contacts-ldap directory. The subdirectory where the configuration is located needs to be equally named to the context ID. Typically the first context is 1.

    Greetings

    Leave a comment:


  • Guest's Avatar
    Guest replied
    ldap contacts error

    I found the error in the log after reinstalling and reconfiguring again:

    SEVERE:
    Start-up of bundle "com.openexchange.contacts.ldap" failed: DBP-0002 Category=8 Message=Resolving database for context 111 and server 2 not possible! exceptionID=1494794476-1

    Does this mean you can't have database auth and ldap contacts?

    Leave a comment:


  • Martin Heiland
    replied
    Hi,

    have you installed the open-xchange-contacts-ldap bundle? This does not make the normal global addressbook disappear, but it adds a public contact folder which contains contact data from LDAP or ADS.

    Greetings

    Leave a comment:

Working...
X