# Howto: Creating a central outlook addressbook with OpenLDAP.

## mariourk

Building an outlook addressbook with OpenLDAP.

This howto describes how you can build a central outlook addressbook with OpenLDAP.

When you have your addressbook running, you only have to maintain this addressbook. There is no longer any need to change the addressbook of every outlook client if an address changes.

In my examples we pretend that we use the domain gentoo.org.

First of all you need to install OpenLDAP on your Gentoo server.

```
#emerge openldap
```

Once this is done, you need to edit /etc/openldap/slapd.conf.

```
#nano -w /etc/openldap/slapd.conf
```

Make sure it looks like this:

```
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/extension.schema

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args
database        ldbm
suffix          "dc=gentoo,dc=org"
rootdn          "dc=gentoo,dc=org"
rootpw          secret
directory       /var/lib/openldap-ldbm
index   objectClass     eq
```

It is possible to use an encrypted password but I don't know how. If you want it encrypted, there are many howtos that will tell you how to do it.

We included 'extension.schema' in slapd.conf but this file doesn't exist.

So we have to create it.

```
#nano -w /etc/openldap/schema/extension.schema
```

Paste the following into extension.schema and save it.

```
attributetype ( 1.3.6.1.4.1.4203.666.100.121
        NAME ( 'rdn' )
        SUP name )
attributetype ( 1.3.6.1.4.1.4203.666.100.122
        NAME ( 'otherFacsimiletelephoneNumber' )
        SUP telephoneNumber )
attributetype ( 1.3.6.1.4.1.4203.666.100.123
        NAME ( 'IPPhone' )
        SUP telephoneNumber )
# This attribute handles MS/Outlook and Netscape Communicator
attributetype ( 1.3.6.1.4.1.4203.666.100.124
        NAME ( 'URL' 'homeUrl' )
        SUP name )
attributetype ( 1.3.6.1.4.1.4203.666.100.125
        NAME ( 'comment' )
        SUP name )
attributetype ( 1.3.6.1.4.1.4203.666.100.126
        NAME ( 'conferenceInformation' )
        SUP name )
attributetype ( 1.3.6.1.4.1.4203.666.100.127
        NAME ( 'reports' )
        SUP manager )
objectclass     ( 1.3.6.1.4.1.4203.666.100.1
        NAME 'officePerson'
        DESC 'Office employee or computer user'
        SUP inetOrgPerson
        STRUCTURAL
        MAY  ( c $
               rdn $
               otherFacsimiletelephoneNumber $
               IPPhone $
               URL $
               comment $
               reports $
               conferenceInformation )
        )
```

Now we need to edit cosine.schema

```
#nano -w /etc/openldap/schema/cosine.schema
```

Edit the following in cosine.schema

```
Change: NAME ( 'mobile' 'mobileTelephoneNumber' )
         to: NAME ( 'mobile' 'mobileTelephoneNumber' 'cellPhone' )

Also change: NAME ( 'pager' 'pagerTelephoneNumber' )
         to: NAME ( 'pager' 'pagerTelephoneNumber' 'pagerPhone' )
```

Now we can start the slapd.

```
/etc/init.d/slapd start
```

We have to create a new directory. To do that you need to create a new 'ldif file'

```
#nano -w directory.ldif
```

Paste the following in directory.ldif and save it.

```
dn:     dc=gentoo, dc=org
objectClass:    top
objectClass:    dcObject
objectClass:    organization
dc:     gentoo
o:      Name-of-your-organization.
```

Now you can insert the new directory with 'ldapadd'

Remember that the password is 'secret' (it is set in slapd.conf)

```
#ldapadd -D "dc=gentoo, dc=org" -f directory.ldif -W
```

Now we need to create a container where we can put our contacts. Create a new ldif-file.

```
#nano -w container.ldif
```

And paste the following in container.ldif

```
dn:     ou=addressbook, dc=gentoo, dc=org
objectClass:    top
objectClass:    organizationalUnit
ou:     addressbook
```

The name of the container will be 'addressbook'. But you are free to choose any name you like.

Now you can add the new container with 'ldapadd'

```
#ldapadd -D "dc=gentoo, dc=org" -f container.ldif -W
```

Now we have a container we can add our contacts. To do that create another ldif-file.

```
#nano -w contact.ldif
```

Paste the following into contact.ldif. You need to edit the contacts information like name, email address, etc.

```
dn: cn=Name of the Record,ou=addressbook,dc=gentoo,dc=org
ou: addressbook
o: Name-of-your-company
cn: Contacts full name
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: officePerson
mail: contact@gentoo.org
givenname: Contacts first name
sn: Contacts surname
homePostalAddress: Needs no explanation ;)
postalAddress: work postal address
l: City name
st: State
postalcode: needs no explanation either
c: Country
pager: what's a pager anyway??? Just fill in: 'not available'
telephoneNumber: work phone number
homePhone: home phone number
mobile: mobile phone number
title: just some title
URL: http://www.gentoo.org
```

Now you can add your new contact to the LDAP database with:

```
#ldapadd -f contact.ldif -D "dc=gentoo, dc=org" -W
```

After that you can edit contact.ldif to add a new contact to your LDAP database.

Now you need to set up outlook to use your database. (Keep in mind that I don't use the English version, so my howto might give the wrong names for tabs and buttons.) To do that, open outlook, click on 'extra' and then 'services' (Dutch version), click on 'add' and choose 'microsoft LDAP addressbook' (or something like that, you'll know which one  :Wink: )

For server, fill in your Gentoo-server ip-address. For search (the field's default value is: c=us) fill in: ou=addressbook, dc=gentoo, dc=org (mind the commas  ,  )

After that you need to alter the search routine so outlook will check the LDAP database first.

Click on the 'address' tab and add your LDAP addressbook to the standard outlook addressbooks. Make sure LDAP is on top of the other addressbooks. If so, outlook will search the LDAP addressbook first.

Now you are ready to use your addressbook. Create a new email with outlook. In the 'to' field, fill in your contact's name and click on 'check names'. Outlook will search your LDAP database for contacts and, if you did well, come up with the correct email address.

To manage your addressbook I recommend 'phpldapadmin'. This is a PHP script that you need to run with apache on your Gentoo-server. So you need to emerge apache first. Make sure that you have 'ldap' in your /etc/make.conf.

```
#emerge apache
```

Make sure that apache has the php-modules (this should be ok. If not, there are plenty of apache howtos) and start apache.

```
#/etc/init.d/apache2 start
```

Now you can emerge phpldapadmin. When I installed it, it was still masked so you have to use the full path.

```
#emerge /usr/portage/net-nds/phpldapadmin/phpldapadmin-0.9.3.ebuild
```

phpldapadmin will be put in /var/www/localhost/htdocs/phpldapadmin/. There you will find a config file 'config.php.example'. You need to edit this file and save it as 'config.php'.

```
#nano -w /var/www/localhost/htdocs/phpldapadmin/config.php.example
```

By now you should know what should be edited. You only have to edit the first few lines so phpldapadmin knows what the name, passwd, etc. of your LDAP database is. Don't forget to save it as config.php!!

Now you can access and maintain your LDAP database with your browser. Open your browser and give the ip of your Gentoo-server. For example:

```
192.168.0.1/phpldapadmin
```

You will enter a beautiful interface and maintaining your database is a piece of cake from now on  :Wink: 

Your database can also be used with Evolution. Before you can, you might need to re-emerge Evolution with ldap support (have 'ldap' in your /etc/make.conf and re-emerge Evolution).

If everything went well, you have your database running by now. With this howto it should have been pretty simple. It took me more than 2 days to figure it all out from many howtos. So I hope I helped many people by writing this howto.   :Cool: 

***********************************************************

UPDATE: Making a backup of your addressbook.

***********************************************************

You can make a backup with slapcat. It simply "greps" all the information out of your addressbook and puts it in a file in LDIF-format.

```
slapcat -f /etc/openldap/slapd.conf -l backup_adressbook.ldif
```

Should something happen to your server, you can import this file into your new ldapserver with ldapadd.

```
ldapadd -D "dc=gentoo, dc=org" -f backup_adressbook.ldif -W
```

Unfortunately you have to edit the file first before you can import it. The file contains the information to create new groups (dc=gentoo, dc=org and the subgroup ou=addressbook). This might be handy when you must set up a new database from scratch; in that case you can just import it and you're done  :Smile: 

The file also contains some extra information that will frustrate everything. I had to strip it all out before I could use the file. You must delete the following entries from every contact:

```
creatorsName:
createTimestamp:
modifiersName:
modifyTimestamp:
```

It might take some time. But on the other hand, it goes much faster than creating an entirely new database from scratch  :Wink: 

************************************************************

UPDATE: Update OpenLDAP to version 2.1.26

************************************************************

Here is how I updated OpenLDAP to version 2.1.26.

After I first updated to version 2.1.26, I deleted the new schema files. When I restarted OpenLDAP, nothing worked anymore. So I downgraded to the last working version.

On the second try, I overwrote the schema files with the new ones and made the same changes in cosine.schema as described in this howto.

After this, OpenLDAP started without any error. However, my entire database was gone. I have no idea how that could have happened??   :Confused: 

But fortunately I had a backup, as described in the previous update. So I can tell that restoring your database with that backup method isn't too much trouble  :Smile: 

************************************************************

UPDATE: Evolution 2.0

************************************************************

I found a really nice option in Evolution 2.0.

Evolution 2.0 can access the central addressbook as well as outlook does. Maybe even better!

After you have added the LDAP addressbook in Evolution, go to tools --> settings --> autocompletion.

Disable the autocompletion for the standard, local, addressbook and enable the autocompletion for your LDAP addressbook.

Now the good part. Click on 'new mail' to write a mail to someone. Just type the name of the person and Evolution will automatically search the LDAP-database and come up with the right name and email-address. If more matches are found, you can select the right one.

Works quite cool  :Very Happy: 

************************************************************

UPDATE: Problems with outlook 2003

************************************************************

I had problems with several outlook 2003 installations that couldn't connect to my central addressbook. Fortunately, the solution turned out to be fairly easy.

The solution can be found in Microsoft's KB 555536.

To make things easier, I made a .reg file that does this automatically. It can be downloaded here.

Unfortunately, this method only works for the active account. So, if you have more than 1 person working on a computer, you have to run this on every account. If someone could tell me how to do this on a system wide scale, so it affects all the accounts?  :Confused: 

************************************************************

UPDATE: OpenLDAP-2.4

************************************************************

It seems that ldbm support is dropped in OpenLDAP-2.4. To overcome this problem, I made a backup of my contacts, using slapcat (see "Making a backup of your addressbook" earlier in the article). I strongly suggest you do this before updating anything  :Wink: 

Update to OpenLDAP-2.4 and make sure the berkdb USE-flag is turned on.

Edit /etc/openldap/slapd.conf and change these lines:

```
database        ldbm
directory       /var/lib/openldap-ldbm
```

to:

```
database        bdb
directory       /var/lib/openldap-bdb
```

Create the DB-directory:

```
mkdir /var/lib/openldap-bdb
chown ldap:ldap /var/lib/openldap-bdb
```

Start openldap and restore your contacts from the backup you made.

sources:

www.openldap.org

http://devel.linvision.com/doc/lih/current/index.html

http://www.linux.org.tw/CLDP/OLD/HOWTO/LDAP-HOWTO-5.html

http://www.onlamp.com/pub/a/onlamp/2003/03/27/ldap_ab.html

http://yolinux.com/TUTORIALS/LinuxTutorialLDAP-GILSchemaExtension.html

Mario.
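
The manual clean-up step from the backup update in the howto above (deleting creatorsName, createTimestamp, modifiersName and modifyTimestamp from every entry) can be scripted. This is an added example, not part of the original post; the sample LDIF is constructed, and the script also handles folded and base64 (`::`) values, which goes slightly beyond what the post describes.

```python
#!/usr/bin/env python3
"""Strip slapcat's operational attributes from an LDIF backup before ldapadd.

Added example, not from the original post. Usage (file name as in the howto):
    python3 strip_ldif.py backup_adressbook.ldif > restore.ldif
"""
import sys

# The four attributes the howto says must be deleted from every entry.
STRIP = frozenset({"creatorsname", "createtimestamp",
                   "modifiersname", "modifytimestamp"})

# Constructed sample in the shape slapcat produces; names and dates are made up.
SAMPLE = """\
dn: ou=addressbook,dc=gentoo,dc=org
objectClass: top
objectClass: organizationalUnit
ou: addressbook
creatorsName: dc=gentoo,dc=org
createTimestamp: 20040101120000Z
modifiersName: dc=gentoo,dc=org
modifyTimestamp: 20040101120000Z

dn: cn=Jane Example,ou=addressbook,dc=gentoo,dc=org
objectClass: inetOrgPerson
cn: Jane Example
sn: Example
mail: jane@gentoo.org
creatorsName: dc=gentoo,
 dc=org
createTimestamp: 20040102093000Z
modifiersName:: ZGM9Z2VudG9vLGRjPW9yZw==
modifyTimestamp: 20040103101500Z
title: modifyTimestamp: this is a value, not an attribute name
"""


def unfold(lines):
    """Join LDIF continuation lines (a leading space continues the previous line)."""
    current = None
    for raw in lines:
        line = raw.rstrip("\r\n")
        if line.startswith(" ") and current:
            current += line[1:]
            continue
        if current is not None:
            yield current
        current = line
    if current is not None:
        yield current


def attr_name(line):
    """Return the lower-cased attribute type, or None for blank/comment lines."""
    if not line or line.startswith("#") or ":" not in line:
        return None
    # 'attr: v', 'attr:: base64' and 'attr;option: v' all reduce to 'attr'.
    return line.split(":", 1)[0].split(";", 1)[0].strip().lower()


def strip_operational(ldif_text, strip=STRIP):
    """Return (cleaned_ldif, removed_count); folded values are removed whole.

    Blank lines are kept because they separate entries in LDIF.
    """
    kept, removed = [], 0
    for line in unfold(ldif_text.splitlines()):
        if attr_name(line) in strip:
            removed += 1
        else:
            kept.append(line)
    return "\n".join(kept) + "\n", removed


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as handle:
            text = handle.read()
    else:
        text = SAMPLE
    cleaned, count = strip_operational(text)
    sys.stdout.write(cleaned)
    print(f"removed {count} operational attribute lines", file=sys.stderr)
```

The output is written unfolded (one logical line per attribute); other attribute names can be passed through the `strip` argument.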

----------

## tecknojunky

two typos:

The first nano file you specify to edit: /etc/openldap.slapd.conf

When mentioning evolution, you say we might have to re-emerge Outlook.  Boy, I wish I could  :Very Happy: 

----------

## mariourk

Oops...   :Rolling Eyes: 

Corrected it, thanks for the tip.   :Wink: 

----------

## tecknojunky

...and...

 *Quote:*   

> # /etc/init.d/slapd restart
> 
>  * Stopping ldap-server...                                                [ ok ]
> 
>  * Starting ldap-server...
> ...

 

I'll try to find the attribute by figuring out what is actually called in slapd and run it from the prompt so it will display it (I hope).

RESULT:

 *Quote:*   

> # /usr/lib/openldap/slapd
> 
> /etc/openldap/schema/extension.schema: line 37: AttributeType not found: "rdn"

 

... and if I remove it, the next attribute causes slapd to complain, and so on.

----------

## mariourk

Hmm, I hope you can figure it out.

I have no idea why this doesn't work for you.

It did/does for me.   :Confused: 

It might help if you comment out line 37???

This is how I emerged OpenLDAP:

```
mail root # emerge openldap -vp

These are the packages that I would merge, in order:

Calculating dependencies ...done!
[ebuild   R   ] net-nds/openldap-2.0.27-r4  +ssl +tcpd +readline -ipv6 +berkdb +gdbm -kerberos -odbc
```

----------

## tecknojunky

I have had openldap emerged for a long time for centralized user/password.  I just wanted to try using the ldap address book feature in evolution and I stumbled on your thread.

This message appears because of the extension.schema.  OpenLDAP can't recognise any of what is specified in "objectclass".

There is obviously a step missing, although I did everything stated in your howto.

For the moment, I commented out the include extension.schema directive in slapd.conf so that my users can at least authenticate themselves.

----------

## mariourk

I added a new link to 'sources'. 

Maybe this howto can help you?   :Confused: 

----------

## tecknojunky

Well, not really.

Doing my own research, I've found out that evolution bundles its own schema, located at /usr/share/evolution/1.4/evolutionperson.schema on the machine where you emerged it.  So I copied that file to /etc/openldap/schema, chown root:root it and chmod it to 444.  So instead of including your extension.schema, I include evolutionperson.schema.  I will deal with Outlook users later.

In evolution, I can authenticate to the ldap server, but everything seems to be read only.  So that's where I am.

There is a very nice slide pdf about OpenLDAP at ftp://kalamazoolinux.org/pub/pdf/ldapv3.pdf (warning: this has biblical proportions, so it's huge!).  The evolution section is at page 371.

It makes you wonder, what is it that OpenLDAP can't do?

Ps. You changed one typo for another. /etc/openldap.slapd.conf is now /etc/slapd.conf  :Razz:   :Rolling Eyes: 

----------

## Arno

 *mariourk wrote:*   

> 
> 
> It is possible to use an encrypted password but I don't know how. If you want it encrypted, there are many howtos that will tell you how to do it.

 

That's easy. Use slappasswd.

```
# /usr/sbin/slappasswd
New password:
Re-enter new password:
{SSHA}1234567890abcdef
```

Then copy the encrypted password (with the {SSHA}) into your slapd.conf:

```
rootpw          {SSHA}1234567890abcdef
```
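
An added example (not from Arno's post or the OpenLDAP project) showing what a {SSHA} value contains, plus a check that flags a cleartext rootpw such as the howto's `secret`. The function names, the 4-byte salt and the sample config are assumptions made for the example.

```python
"""Flag a cleartext rootpw in slapd.conf and build/verify {SSHA} values."""
import base64
import binascii
import hashlib
import hmac
import os
import re

SCHEME_RE = re.compile(r"^\{([A-Za-z0-9-]+)\}")

# Constructed sample based on the howto's slapd.conf (rootpw is on line 4).
WEAK_CONF = """\
database        ldbm
suffix          "dc=gentoo,dc=org"
rootdn          "dc=gentoo,dc=org"
rootpw          secret
directory       /var/lib/openldap-ldbm
"""


def ssha_hash(password, salt=None):
    """Return '{SSHA}' + base64(SHA1(password + salt) + salt)."""
    if salt is None:
        salt = os.urandom(4)  # assumption: 4 random bytes; verify accepts any length
    digest = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return "{SSHA}" + base64.b64encode(digest + salt).decode("ascii")


def ssha_verify(password, stored):
    """True if password matches a well-formed {SSHA} value, False otherwise."""
    if not stored.upper().startswith("{SSHA}"):
        return False
    try:
        raw = base64.b64decode(stored[6:], validate=True)
    except (binascii.Error, ValueError):
        return False
    if len(raw) <= 20:  # a 20-byte SHA-1 digest must be followed by a salt
        return False
    digest, salt = raw[:20], raw[20:]
    candidate = hashlib.sha1(password.encode("utf-8") + salt).digest()
    return hmac.compare_digest(candidate, digest)


def audit_rootpw(conf_text):
    """Return [(line_number, 'cleartext' or scheme name)] per rootpw directive."""
    findings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        if not line or line[0] in "# \t":  # comment or continuation line
            continue
        fields = line.split(None, 1)
        if len(fields) == 2 and fields[0].lower() == "rootpw":
            value = fields[1].strip().strip('"')
            match = SCHEME_RE.match(value)
            scheme = match.group(1).upper() if match else None
            kind = "cleartext" if scheme in (None, "CLEARTEXT") else scheme
            findings.append((lineno, kind))
    return findings


# Same config with the cleartext value replaced by a freshly generated hash.
HARDENED_CONF = WEAK_CONF.replace(
    "rootpw          secret", "rootpw          " + ssha_hash("secret"))


if __name__ == "__main__":
    for label, conf in (("howto config", WEAK_CONF), ("hashed config", HARDENED_CONF)):
        for lineno, kind in audit_rootpw(conf):
            print(f"{label}: line {lineno}: rootpw is {kind}")
    # The value shown in the post is a placeholder: too short to hold digest + salt.
    print("placeholder verifies:", ssha_verify("secret", "{SSHA}1234567890abcdef"))
```

Even with a hashed rootpw, slapd.conf should not be world-readable, since the hash can still be guessed offline.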

----------

## golem

thx to mariourk for the how-to... got my ldap up and running, to find out that moz thunderbird doesn't really support it all that well as of yet :/

installed phpLDAPadmin on my system and hacked up the new_address_template.php to work with the settings described in the howto (a quick and dirty hack, but should work for y'all)

```

<?php

require 'common.php';

// customize this to your needs

$default_container = "ou=Addresses";

// Common to all templates

$container = $_POST['container'];

$server_id = $_POST['server_id'];

// Unique to this template

$step = isset( $_POST['step'] ) ? $_POST['step'] : 1;

check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );

have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );

?>

<script language="javascript">

<!--

/*

 * Populates the common name field based on the last

 * name concatenated with the first name, separated

 * by a blank

 */

function autoFillCommonName( form )

{

   var first_name;

   var last_name;

   var common_name;

        first_name = form.first_name.value;

        last_name = form.last_name.value;

   if( last_name == '' ) {

      return false;

   }

   common_name = first_name + ' ' + last_name;

   form.common_name.value = common_name;

}

-->

</script>

<center><h2>New Address Book Entry<br />

<small>(InetOrgPerson-modified)</small></h2>

</center>

<?php if( $step == 1 ) { ?>

<form action="creation_template.php" method="post" id="address_form" name="address_form">

<input type="hidden" name="step" value="2" />

<input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />

<input type="hidden" name="template" value="<?php echo htmlspecialchars( $_POST['template'] ); ?>" />

<center>

<table class="confirm">

<tr class="spacer"><td colspan="3"></tr>

<tr>

   <td><img src="images/uid.png" /></td>

   <td class="heading">Name:</td>

   <td>

      <input type="text" name="first_name"

         id="first_name" value="first" onChange="autoFillCommonName(this.form)" />

      <input type="text" name="last_name"

         id="last_name" value="last" onChange="autoFillCommonName(this.form)" />

   </td>

</tr>

<tr>

   <td></td>

   <td class="heading">Common name:</td>

   <td><input type="text" name="common_name" id="common_name" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Organization:</td>

   <td><input type="text" name="organization" id="organization" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Title:</td>

   <td><input type="text" name="title" id="title" value="" /></td>

</tr>

<tr class="spacer"><td colspan="3"></tr>

<tr>

   <td><img src="images/mail.png" /></td>

   <td class="heading">Address:</td>

   <td><input type="text" name="street" id="street" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">City:</td>

   <td><input type="text" name="city" id="city" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">State:</td>

   <td><input type="text" name="state" id="state" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Postal code:</td>

   <td><input type="text" name="postal_code" id="postal_code" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Country:</td>

   <td><input type="text" name="country" id="country" value="" /></td>

</tr>

<tr>

   <td><img src="images/mail.png" /></td>

   <td class="heading">Work Address:</td>

   <td><input type="text" name="workstreet" id="workstreet" value="" /></td>

</tr>

<tr class="spacer"><td colspan="3"></tr>

<tr>

   <td><img src="images/phone.png" /></td>

   <td class="heading">Work phone:</td>

   <td><input type="text" name="telephone_number" id="telephone_number" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Home phone:</td>

   <td><input type="text" name="homephone_number" id="homephone_number" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Mobile:</td>

   <td><input type="text" name="mobile_number" id="mobile_number" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">Email:</td>

   <td><input type="text" name="email_address" id="email_address" value="" /></td>

</tr>

<tr>

   <td></td>

   <td class="heading">URL:</td>

   <td><input type="text" name="url" id="url" value="" /></td>

</tr>

<tr class="spacer"><td colspan="3"></tr>

<tr>

   <td></td>

   <td class="heading">Container:</td>

   <td><input type="text" name="container" size="40"

      value="<?php if( isset( $container ) )

            echo htmlspecialchars( $container );

              else

            echo htmlspecialchars( $default_container . ',' . $servers[$server_id]['base'] ); ?>" />

      <?php draw_chooser_link( 'address_form.container' ); ?></td>

   </td>

</tr>

<tr>

   <td colspan="3"><center><br /><input type="submit" value="Proceed &gt;&gt;" /></td>

</tr>

</table>

</center>

<?php } elseif( $step == 2 ) {

   $common_name = trim( $_POST['common_name'] );

   $first_name = trim( $_POST['first_name'] );

   $last_name = trim( $_POST['last_name'] );

   $organization = trim( $_POST['organization'] );

   $city = trim( $_POST['city'] );

     $state = trim( $_POST['state'] );

     $title = trim( $_POST['title'] );

     $country = trim( $_POST['country'] );

     $url = trim( $_POST['url'] );

   $postal_code = trim( $_POST['postal_code'] );

   $street = trim( $_POST['street'] );

     $workstreet = trim( $_POST['workstreet'] );

   $telephone_number = trim( $_POST['telephone_number'] );

   $homephone_number = trim( $_POST['homephone_number'] );

   $mobile_number = trim( $_POST['mobile_number'] );

   $email_address = trim( $_POST['email_address'] );

   $container = trim( $_POST['container'] );

   /* Critical assertions */

   0 != strlen( $common_name ) or

      pla_error( "You cannot leave the Common Name blank. Please go back and try again." );

   ?>

   <center><h3>Confirm entry creation:</h3></center>

   <form action="create.php" method="post">

   <input type="hidden" name="server_id" value="<?php echo $server_id; ?>" />

   <input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'cn=' . $common_name . ',' . $container ); ?>" />

   <!-- ObjectClasses  -->

   <?php $object_classes = rawurlencode( serialize( array( 'top', 'person', 'organizationalPerson', 'inetOrgPerson', 'officePerson' ) ) ); ?>

   <input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />

   <!-- The array of attributes/values -->

   <input type="hidden" name="attrs[]" value="cn" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($common_name);?>" />

   <input type="hidden" name="attrs[]" value="givenName" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($first_name);?>" />

   <input type="hidden" name="attrs[]" value="sn" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($last_name);?>" />

   <input type="hidden" name="attrs[]" value="o" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($organization);?>" />

   <input type="hidden" name="attrs[]" value="l" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($city);?>" />

         <input type="hidden" name="attrs[]" value="st" />

            <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($state);?>" />

         <input type="hidden" name="attrs[]" value="c" />

            <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($country);?>" />

         <input type="hidden" name="attrs[]" value="postalAddress" />

            <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($workstreet);?>" />

         <input type="hidden" name="attrs[]" value="title" />

            <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($title);?>" />

   <input type="hidden" name="attrs[]" value="postalCode" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($postal_code);?>" />

   <input type="hidden" name="attrs[]" value="homePostalAddress" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($street);?>" />

   <input type="hidden" name="attrs[]" value="telephoneNumber" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($telephone_number);?>" />

   <input type="hidden" name="attrs[]" value="homePhone" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($homephone_number);?>" />

   <input type="hidden" name="attrs[]" value="mobile" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mobile_number);?>" />

   <input type="hidden" name="attrs[]" value="mail" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($email_address);?>" />

   <input type="hidden" name="attrs[]" value="URL" />

      <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($url);?>" />

   <center>

   <table class="confirm">

   <tr class="even">

      <td class="heading">Common name:</td>

      <td><b><?php echo htmlspecialchars( $common_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">First name:</td>

      <td><b><?php echo htmlspecialchars( $first_name ); ?></b></td>

   </tr>

   <tr class="even">

      <td class="heading">Last name:</td>

      <td><b><?php echo htmlspecialchars( $last_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">Organization:</td>

      <td><?php echo htmlspecialchars( $organization ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">City:</td>

      <td><?php echo htmlspecialchars( $city ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Postal code:</td>

      <td><?php echo htmlspecialchars( $postal_code ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Street:</td>

      <td><?php echo htmlspecialchars( $street ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Work phone:</td>

      <td><?php echo htmlspecialchars( $telephone_number ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Home phone:</td>

      <td><?php echo htmlspecialchars( $homephone_number ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Mobile:</td>

      <td><?php echo htmlspecialchars( $mobile_number ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Email:</td>

      <td><?php echo htmlspecialchars( $email_address ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Container:</td>

      <td><?php echo htmlspecialchars( $container ); ?></td>

   </tr>

   </table>

   <br /><input type="submit" value="Create Address" />

   </center>

   </form>

<?php } ?>

</body>

</html>

```

----------

## reinier

Please also read my posts at https://forums.gentoo.org/viewtopic.php?p=825542#825542 (and the one above that).  My first problem is getting ldapadd to work for me...

```
ldapadd -D '...' -f directory.ldif -w secret -v
ldap_initialize( <DEFAULT> )
ldap_bind: Invalid credentials
```

My second problem is basically that phpldapadmin doesn't seem to work... does anyone have any suggestions?  :Smile: 

----------

## karwoski

Another very minor typo:

 *Quote:*   

> Now you can add the new cantainer with 'ldapadd' 

 

Thanks for the guide.  Can't wait to try it out.

----------

## DumbAss

Can Outlook and evolution use the same directory now? Or do you have to use two different ones? That would suck.

And can you write with outlook to the directory or do you need to use a third-party tool?

----------

## braindead0

Is there any way to allow gpilot to sync up with ldap and update ldap?  I'd love to have ldap running at home and sync my palm with it..take it to work, sync with outlook...etc..

----------

## vdboor

great howto.  :Smile:  but I'm curious, what does this mean:?

```
root# ldapadd -D "dc=linux,dc=lan" -f my-own.ldif -w secret

ldap_bind: Invalid credentials
```

----------

## mariourk

 *DumbAss wrote:*   

> Can Outlook and evolution use the same directory now? Or do you have to use two different ones? That would suck.
> 
> And can you write with outlook to the directory or do you need to use a third-party tool?

 

Evolution can use the same directory. However, you have to search the contacts manually. In outlook you can just type the name in the "to" field.

Outlook will automatically search the ldap-directory for contacts that match this name. Evolution doesn't have this function   :Sad: 

----------

## mariourk

 *vdboor wrote:*   

> great howto.  but I'm curious, what does this mean:?
> 
> ```
> root# ldapadd -D "dc=linux,dc=lan" -f my-own.ldif -w secret
> 
> ...

 

The directory in your "ldapadd command" ("dc=linux,dc=lan") is wrong.

What does the suffix-line in your /etc/openldap/slapd.conf say? Use those values.

----------

## mariourk

 *braindead0 wrote:*   

> Is there any way to allow gpilot to sync up with ldap and update ldap?  I'd love to have ldap running at home and sync my palm with it..take it to work, sync with outlook...etc..

 

What do you mean, sync your palmtop with the ldap-database? I suppose that depends on the sync-software of your palm...

If you wish to update the ldap-database with the values of your palm, I am afraid that's not gonna work. As far as I know it is not possible to edit an ldap-directory with any email program (like outlook, Evolution, etc)

----------

## mariourk

In case you didn't figure it out yet, phpldapadmin can perfectly be used to add new contacts. Just click on "create new" (make sure you choose the right one, the upper one  :Wink:  ) and choose "Address Book Entry (inetOrgPerson)". Fill in the right values (name, email, etc), click on proceed and confirm. The contacts added this way will be a little different than those that were added as described in my howto. But they work perfectly   :Very Happy: 

----------

## reinier

 *mariourk wrote:*   

> In case you didn't figure it out yet, phpldapadmin can perfectly be used to add new contacts. Just click on "create new" (make sure you choose the right one, the upper one  ) and choose "Address Book Entry (inetOrgPerson)". Fill in the right values (name, email, etc), click on proceed and confirm. The contacts added this way will be a little different than those that were added as described in my howto. But they work perfectly  

 

Hey mariourk, I have finally successfully set up openldap/2.0.27 and phpmyadmin/2.5.4 ...  slapd is running and I added a test entry which I can also access with MS Outlook.  I also figured out how to access phpmyadmin and can log in...

My problem is now that I don't know how to access the entries I made with ldapadd (appear to be dbb files in /var/lib/openldap-ldbm/) in phpmyadmin (looking for mysql databases like MYD MYI frm in /var/lib/mysql/)...

I tried symlinking my ../openldap-ldbm/ directory to /var/lib/mysql/ but phpmyadmin returned an error message (13 if I remember correctly).  How can I access and change my LDAP entries in phpmyadmin?  Specific instructions would be helpful  :Smile: 

----------

## mariourk

 *reinier wrote:*   

>  *mariourk wrote:*   In case you didn't figure it out yet, phpldapadmin can perfectly be used to add new contacts. Just click on "create new" (make sure you choose the right one, the upper one  ) and choose "Address Book Entry (inetOrgPerson)". Fill in the right values (name, email, etc), click on proceed and confirm. The contacts added this way will be a little different than those that were added as described in my howto. But they work perfectly   
> 
> Hey mariourk, I have finally successfully set up openldap/2.0.27 and phpmyadmin/2.5.4 ...  slapd is running and I added a test entry which I can also access with MS Outlook.  I also figured out how to access phpmyadmin and can log in...
> 
> My problem is now that I don't know how to access the entries I made with ldapadd (appear to be dbb files in /var/lib/openldap-ldbm/) in phpmyadmin (looking for mysql databases like MYD MYI frm in /var/lib/mysql/)...
> ...

 

I have no experience with "phpmyadmin". I use "phpldapadmin".

Another program I used (and it worked well) is "ldapbrowser". Maybe you can give that a try.

----------

## reinier

Ah sorry  :Shocked: , I was thinking something else when I wrote my last post...  But I actually do have a problem with my phpldapadmin/0.9.3 install.  When I try to access the http://host/phpldapadmin/ I receive the error message:

"Your install of PHP appears to be missing LDAP support. Please install LDAP support before using phpLDAPadmin."

I tried re-emerging php and mod_php with the USE="ldap" command (it is also included in my /etc/make.conf file), but to no avail...  other apps like squirrelmail (which also uses php but not ldap) do work.  Strangely enough, my test.php file (with <? phpinfo(); ?>) shows:

Configure Command (table one, third row)

'./configure' ........ '--without-ldap' ....... '--with-config-file-path=/etc/php/apache1-php4'

Does that give some clue as to why my PHP is installed without LDAP support?  Do I have to re-emerge apache or something else, that doesn't really make sense to me...  (btw, I restarted apache and slapd whenever I thought necessary).  Any help would be appreciated  :Wink: 

----------

## mariourk

It seems that Apache needs to be emerged with ldap support.

Perhaps at the time you emerged Apache you didn't have ldap in your USE-flags, so Apache was emerged without ldap support.

```
Chimaera root # emerge apache -vp

These are the packages that I would merge, in order:

Calculating dependencies ...done!
[ebuild   R   ] net-www/apache-2.0.48-r1  +berkdb +gdbm +ldap
```

I think that re-emerging apache, this time with ldap support, will solve your problem.

----------

## reinier

Thanks for your quick reply... I decided to start a new thread: https://forums.gentoo.org/viewtopic.php?p=843040#843040 because I think the problem lies with the apache-1 ebuilds not supporting LDAP.  I would rather not install apache-2 if I don't have to...  Maybe you have some suggestions as to how I can add LDAP support to apache-1?

----------

## pens

Is there any way to import Outlook/Mozilla/Evolution address books into the openldap database?

----------

## mariourk

 *pens wrote:*   

> Is there any way to import Outlook/Mozilla/Evolution address books into the openldap database?

 

Check the last link of my howto. I read something about that there.

----------

## reinier

 *mariourk wrote:*   

> By now you should know what should be edited. You only have to edit a few first lines so phpldapadmin knows what the name, passwd, etc of your LDAP database is. Don't forget to save it as config.php!!
> 
> Now you can access and maintain your LDAP database with your browser. Open your browser and give the ip of your Gentoo-server. For example:
> 
> ```
> ...

 

I really appreciate your help... unfortunately, this part of your instructions was a bit unclear.  I'm now trying to edit the following in my ../phpldapadmin/config.php file:

```
$servers[$i]['name'] = 'server name';

$servers[$i]['auth_type'] = 'form or config, (form works best i think)';

$servers[$i]['login_dn'] = 'uid=myusername,cn=users,dc=mydomain,dc=com';

$servers[$i]['login_pass'] = 'my password';
```

I'm not sure on auth_type, login_dn, and login_pass...  The form auth_type seems good but I haven't figured out what I should use for login_dn and login_pass ..?  For reference sake, this is my slapd.conf:

```
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/inetorgperson.schema
include         /etc/openldap/schema/extension.schema

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

database        ldbm
suffix          "dc=smit, dc=nl"
rootdn          "dc=smit, dc=nl"
rootpw          secret
directory       /var/lib/openldap-ldbm
index   cn,sn           pres,eq,sub
index   objectClass     eq
```

Once again, any advice/help would be greatly appreciated  :Smile: 

----------

## mariourk

This is all I changed in my config.php

```
<?php

/*
 *                  The phpLDAPadmin config file
 *
 *   This is where you customize phpLDAPadmin. The most important
 *   part is immediately below: The "LDAP Servers" section.
 *   You must specify at least one LDAP server there. You may add
 *   as many as you like. You can also specify your language, and
 *   many other options.
 *
 */

// Your LDAP servers
$i=0;
$servers = array();
$servers[$i]['name'] = 'My LDAP Server';    /*  A convenient name that will appear in
                                                the tree viewer */
$servers[$i]['host'] = 'localhost';  /*  Examples: 'ldap.example.com',
                                                'ldaps://ldap.example.com/'
                                                Note: Leave blank to remove it from the list
                                                of servers in the tree viewer*/
$servers[$i]['base'] = 'dc=gentoo,dc=com'; /*  The base DN of your LDAP server. Leave this
                                                blank to have phpLDAPadmin
                                                auto-detect it for you. */
$servers[$i]['port'] = 389;                 /*  The port your LDAP server listens on
                                                (no quotes) */
$servers[$i]['auth_type'] = 'config';       /*  2 options: 'form': you will be prompted, and
                                                a cookie stored with your login dn and
                                                password. 'config': specify your login dn
                                                and password here. In both cases, use caution! */
$servers[$i]['login_dn'] = 'dc=gentoo,dc=com';
                                            /*  For anonymous binds, leave the
                                                login_dn and login_pass blank */
$servers[$i]['login_pass'] = 'secret';
```

As you see, only the first few lines of the config file. The rest, I didn't even look at it   :Wink: 

In your case it would be:

```
<?php

/*
 *                  The phpLDAPadmin config file
 *
 *   This is where you customize phpLDAPadmin. The most important
 *   part is immediately below: The "LDAP Servers" section.
 *   You must specify at least one LDAP server there. You may add
 *   as many as you like. You can also specify your language, and
 *   many other options.
 *
 */

// Your LDAP servers
$i=0;
$servers = array();
$servers[$i]['name'] = 'My LDAP Server';    /*  A convenient name that will appear in
                                                the tree viewer */
$servers[$i]['host'] = 'localhost';  /*  Examples: 'ldap.example.com',
                                                'ldaps://ldap.example.com/'
                                                Note: Leave blank to remove it from the list
                                                of servers in the tree viewer*/
$servers[$i]['base'] = 'dc=smit,dc=nl'; /*  The base DN of your LDAP server. Leave this
                                                blank to have phpLDAPadmin
                                                auto-detect it for you. */
$servers[$i]['port'] = 389;                 /*  The port your LDAP server listens on
                                                (no quotes) */
$servers[$i]['auth_type'] = 'config';       /*  2 options: 'form': you will be prompted, and
                                                a cookie stored with your login dn and
                                                password. 'config': specify your login dn
                                                and password here. In both cases, use caution! */
$servers[$i]['login_dn'] = 'dc=smit,dc=nl';
                                            /*  For anonymous binds, leave the
                                                login_dn and login_pass blank */
$servers[$i]['login_pass'] = 'secret';
```

Be careful that you don't open the phpldapadmin page to the whole world. This means that everyone has write access to your LDAP-directory!!

At least protect the page with apache.
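The warning above follows from `auth_type = 'config'`: the bind DN and password live in config.php, so whoever can load the page works with those rights. The audit below is an added example, not part of the original post or of phpLDAPadmin; the function names, finding codes, the `$i++;` between servers and the second sample server are assumptions made here, and the sample config is constructed from the lines posted above.

```python
import re

# Matches  $servers[$i]['key'] = 'string';   or   $servers[$i]['port'] = 389;
ASSIGN = re.compile(
    r"^\s*\$servers\[\s*\$i\s*\]\[\s*'(\w+)'\s*\]\s*=\s*(?:'([^']*)'|(\d+))\s*;"
)
INDEX_SET = re.compile(r"^\s*\$i\s*=\s*(\d+)\s*;")   # $i=0;
INDEX_INC = re.compile(r"^\s*\$i\s*\+\+\s*;")        # $i++;  (assumed multi-server idiom)
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

MESSAGES = {
    "STORED_BIND_PASSWORD": "auth_type 'config' with a stored login_pass: "
                            "anyone who can load the page acts as login_dn",
    "BINDS_AS_SUFFIX_DN": "login_dn equals base; in the howto's slapd.conf that DN "
                          "is the rootdn, which is not subject to access controls",
    "CLEARTEXT_REMOTE": "remote host without ldaps://: bind password and entries "
                        "cross the network unencrypted",
}


def parse_servers(php_text):
    """Collect the $servers[$i][...] assignments into {index: {key: value}}."""
    servers, i = {}, 0
    for line in php_text.splitlines():
        m = INDEX_SET.match(line)
        if m:
            i = int(m.group(1))
            continue
        if INDEX_INC.match(line):
            i += 1
            continue
        m = ASSIGN.match(line)
        if m:
            key, text, number = m.groups()
            servers.setdefault(i, {})[key] = text if text is not None else number
    return servers


def _norm_dn(dn):
    # Lower-case and drop spaces around commas; assumes no escaped commas.
    return ",".join(part.strip().lower() for part in dn.split(","))


def _is_cleartext_remote(host):
    if host.lower().startswith("ldaps://"):
        return False
    name = re.sub(r"^ldap://", "", host, flags=re.I).split("/")[0]
    if name.count(":") == 1:            # strip a trailing :port, keep IPv6 literals
        name = name.rsplit(":", 1)[0]
    return name.lower() not in LOCAL_HOSTS


def audit(servers):
    """Return a list of (server index, finding code)."""
    findings = []
    for idx, cfg in sorted(servers.items()):
        host = cfg.get("host", "")
        if not host:
            continue                    # blank host: entry is not shown in the tree viewer
        if cfg.get("auth_type") == "config" and cfg.get("login_pass"):
            findings.append((idx, "STORED_BIND_PASSWORD"))
            base = cfg.get("base", "")
            if base and _norm_dn(cfg.get("login_dn", "")) == _norm_dn(base):
                findings.append((idx, "BINDS_AS_SUFFIX_DN"))
        if _is_cleartext_remote(host):
            findings.append((idx, "CLEARTEXT_REMOTE"))
    return findings


# Constructed sample: server 0 mirrors the config posted above,
# server 1 is a made-up remote server using the 'form' login.
SAMPLE_CONFIG = """\
<?php
$i=0;
$servers = array();
$servers[$i]['name'] = 'My LDAP Server';    /*  A convenient name */
$servers[$i]['host'] = 'localhost';
$servers[$i]['base'] = 'dc=gentoo,dc=com';
$servers[$i]['port'] = 389;
$servers[$i]['auth_type'] = 'config';
$servers[$i]['login_dn'] = 'dc=gentoo,dc=com';
$servers[$i]['login_pass'] = 'secret';
$i++;
$servers[$i]['name'] = 'Constructed remote server';
$servers[$i]['host'] = 'ldap.example.com';
$servers[$i]['base'] = 'dc=example,dc=com';
$servers[$i]['auth_type'] = 'form';
"""

if __name__ == "__main__":
    for idx, code in audit(parse_servers(SAMPLE_CONFIG)):
        print(f"server {idx}: {code}: {MESSAGES[code]}")
```

Point it at a real config.php by reading the file into `parse_servers()`; any `STORED_BIND_PASSWORD` finding means the page needs access restrictions in the web server before it is reachable by anyone else.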

----------

## pens

I found a neat website that talks about how to convert outlook addressbooks to the openldap server. It even includes a perl script to fix mozilla's ldif output.

http://wlug.org.nz/LDAPInstallation

----------

## DumbAss

 *mariourk wrote:*   

> As far as I know it is not possible to edit an ldap-directory with any email program (like outlook, Evolution, etc)

 

Why's that? Hasn't anyone had that idea? Or is it too difficult to program?

----------

## traviswu

ftp://ftp.gin.cz/pub/mswindows/the_bat/utilities/wab2ldif.exe

this is a wab2ldif converter.. it may help to convert windows address book to LDAP.  

 :Smile:  I'm gonna try it first and I'll have everybody posted.  :Very Happy: 

----------

## jordant

Thanks for the very useful tutorial... I have my LDAP server setup, but I can't seem to access it using phpldapadmin.

I get this error message on the left sidebar on attempt:

```
rose

      Could not connect to LDAP server.
```

Any suggestions?

----------

## mariourk

I suppose it's some type-error in the phpldapadmin configuration-file. Most likely the password or the login_dn. Check the post I posted in this topic on Sun Feb 08, 2004 7:35 am, to help Reinier. I think this might help you as well.

----------

## Cybergod091281

hi, while following ur howto I ran into some problems after starting slapd and trying to add the directory.ldif:

```
Kerberos openldap # /etc/init.d/slapd start

 * Starting ldap-server...                                                                                       [ ok ]

Kerberos openldap # ldapadd -D "dc=d-c-a, dc=ath, dc=cx" -f directory.ldif -W

Enter LDAP Password:

SASL/GSSAPI authentication started

ldap_sasl_interactive_bind_s: Local error (82)

        additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No credentials cache found)

Kerberos openldap # 
```

did anyone of u see something like this while following the howto?

----------

## mariourk

It seems to be a problem with DNS. http://www.openldap.org/faq/data/cache/833.html

Someone suggested to take a look at the /etc/hosts file

----------

## Cybergod091281

i didn't set up a dns-server in my network and my /etc/resolv.conf looks like:

```
#domain Kerberos.d-c-a.ath.cx

nameserver 194.25.2.129

nameserver 194.25.2.132

```

so I'm a little bit confused. after some reading through several websites I found out, the error occurs when openldap - sasl - kerberos have some problem with authentication, but I'm not sure how to solve it.

----------

## ralle

I'm very new to this ldap thing so don't shoot me if my question is damn stupid.

As I understand, I have to setup a domain and a domain suffix. This might work with real domain names, like "gentoo.org", but I want to use ldap on my home network which is called like that:

```

bender root # hostname

bender.futurama

```

So my question: Will a setting like this (empty domain suffix) work?

```

suffix          "dc=futurama,dc="

rootdn          "dc=futurama,dc="

```

Or should I just delete the second "dc="?

Second question:

Can an ldap server be used to authenticate users and to serve as global address book at the same time?

----------

## mariourk

> Or should I just delete the second "dc="?

I guess so... As far as I know the suffix has actually nothing to do with your domain. I think that it is common to use your domain as your suffix to keep things clear.

I think that dc=futurama works fine. Otherwise you could use dc=futurama,dc=com or something like that.

Let us know how this worked out for you.

> Can an ldap server be used to authenticate users and to serve as global address book at the same time?

I have absolutely no idea. I think it should be possible. As far as I know you can create multiple "trees". The tree you create in this howto is ou=addressbook. I think you can create a second tree that contains the logon information.

If you succeed, would you post here how you did it?

----------

## VanDan

I have a question about the line:

```
dc=our_domain,dc=com
```

We are in Australia, so our full domain is nusconsulting.com.au

How do I represent that?

```
dc=nusconsulting,dc=com,dc=au
```

or maybe

```
dc=nusconsulting,dc=com.au
```

What's going on?

----------

## mariourk

```

dc=nusconsulting,dc=com,dc=au

```

That is the right one. But as far as I know, it's possible to use something different than your domain. I guess that most people use their domain to keep things in order.

I think it should be possible to use something different than your domain. For example:

```

dc=my,dc=openldap,dc=database

```

You might give it a try and let us know.   :Wink: 

----------

## mariourk

I updated my howto. It now also explains how to backup and restore your addressbook (and it's about time...  :Wink:  ) So if something happens to your ldap-server, you still have a backup to undo the damage  :Smile: 

----------

## agrippa_cash

I have a similar setup at work and my domains are not FQDN.  They don't even have to LOOK like FQDN.  My domain at work is "dc=local, dc=firmname."  

I found phpldapadmin to be a little slow and too powerful and intimidating for users. http://www.devshed.com/c/a/PHP/Using-PHP-With-LDAP-part-2/ has a good tutorial on making your own forms.  I set up an intranet site that allows anybody who wants to add an entry to do so.  They could theoretically screw things up since they have write access, but the pages I wrote only allow access to "ou=Addressbook."

One thing NOT mentioned on that site is: If you are populating form fields from the database, the ldap field must be all lowercase (eg: 'telephoneNumber' would be 'telephonenumber').  Also the objectclasses should be made part of an array (when there is more than one).

----------

## riggagoogoo

would users of Outlook still be able to click on the 'Add user to address book' and have that add it straight in to the LDAP or would they need to inform the LDAP admin and have him/her add it in??

Cheers

RiGGa

----------

## meulie

Hmm, openldap doesn't want to emerge:

```

>>>>> Starting test000-rootdse ...

running defines.sh

Datadir is ./data

Cleaning up in ./test-db...

Starting slapd on TCP/IP port 9009...

Using ldapsearch to retrieve the root DSE...

Waiting 5 seconds for slapd to start...

Waiting 5 seconds for slapd to start...

Waiting 5 seconds for slapd to start...

Waiting 5 seconds for slapd to start...

Waiting 5 seconds for slapd to start...

Waiting 5 seconds for slapd to start...

ldap_bind: Can't contact LDAP server (81)

>>>>> Test failed

>>>>> ./scripts/test000-rootdse failed (exit 1)

make: *** [test-bdb] Error 1

 

!!! ERROR: net-nds/openldap-2.1.30 failed.

!!! Function src_compile, Line 137, Exitcode 2

!!! make tests failed

```

Any suggestions anyone?     :Cool: 

----------

## mariourk

```

Starting slapd on TCP/IP port 9009...

```

And then,

```

ldap_bind: Can't contact LDAP server (81)

```

I think this is a firewall problem. Does your LDAP server accept everything from localhost on port 9009?

----------

## meulie

It's all running on the same machine... I'm trying to install LDAP on localhost...     :Cool: 

----------

## mariourk

That's what I'm saying...   :Confused: 

> Does your LDAP server accept everything from **localhost** on port 9009?

It's possible that a firewall blocks TCP/IP traffic from/to localhost.

----------

## meulie

To my knowledge this is not the case...

I've also tried a

     netstat -a --numeric-ports

to check whether anything was holding the port, but nope...

Any other suggestions?    :Cool: 

----------

## mariourk

Check this: http://forums.devshed.com/archive/t-129109

try to move /var/lib/ldap to /var/lib/ldapOLD.

If that still doesn't work, open a second terminal and type:

```

tail -f /var/log/everything/current

```

Start ldap again and see what the logs say. It is most of the time very helpful  :Wink: 

----------

## meulie

Well, my machine didn't have any /var/lib/ldap so I moved on to the 2nd option...    :Cool: 

Not much in the log, only:

```
May 22 11:31:18 sb62g2 lt-slapd[30710]: sql_select option missing
May 22 11:31:18 sb62g2 lt-slapd[30710]: auxpropfunc error no mechanism available
May 22 11:31:18 sb62g2 lt-slapd[30710]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
```

Who's next with helpful advice?  ;)

----------

## mariourk

Did you also create a new, empty /var/lib/ldap directory?

----------

## meulie

I had not done that, figuring that the 'emerge openldap' command would do its testing within the /var/tmp/portage/openldap-2.1.30 directory...    :Cool: 

But even when I did re-create that directory there was no difference. Still getting the same error message...

----------

## mariourk

How exactly did you emerge openldap?

```

emerge openldap -vp

```

You could try to emerge it with or without sasl support and see how it works out.

```

USE="-sasl" emerge openldap

```

----------

## toskala

 *golem wrote:*   

> thx to mariourk for the how-to... got my ldap up and running, to find out that moz thunderbird doesnt really support it all that well as of yet :/
> 
> installed phpLDAPadmin on my system and hacked up the new_address_template.php to work with the settings described in the howto (a quick and dirty hack, but should work for yall)
> 
> 

 

thanks for your hack :_) it allows me to fill "position" in the outlook contacts now  :Smile: 

but what is not yet clear to me is how i find out what the name of the attributes is when i want to complete the outlook contact capabilities.

for example, assistant, room no., and stuff what outlook offers.

any hints how i can find out how this will work?

----------

## Dr_Stein

```
jimihendrix schema # ldapadd -D 'dc=jtllc,dc=com' -f jnichols.ldif -W
Enter LDAP Password: 
adding new entry "cn=Jonathan Nichols,mail=jnichols@jtllc.com"
ldapadd: update failed: cn=Jonathan Nichols,mail=jnichols@jtllc.com
ldap_add: Server is unwilling to perform (53)
        additional info: referral missing

jimihendrix schema # 
```

=/ 

I still have the same problem someone else did - the "extension.schema" causing errors on startup. Commenting it out lets everything work.

The ONLY ONLY ONLY thing that I have to do now is to get the "streetAddress" attribute to show up - then both OS X Address Book and Mozilla/Thunderbird will be working GREAT with OpenLDAP.

Help? Anyone done this? 

Mozilla looks for:

```
Jun  7 19:32:02 jimihendrix slapd[11767]: conn=476 op=1 SRCH attr=modifytimestamp xmozillausehtmlmail description notes custom4 custom3 custom2 custom1 birthyear homeurl workurl nscpaimscreenname countryname company o departmentnumber department orgunit ou title countryname zip postalcode region st locality l streetaddress postofficebox carphone cellphone mobile pagerphone pager facsimiletelephonenumber fax homephone telephonenumber xmozillasecondemail mail xmozillanickname displayname commonname cn surname sn givenname 
```

I have phpldapadmin but the "streetAddress" attribute isn't showing up in it, so I can't add it. I can't import the LDIF from there either because of the error noted above.

Help!  :Sad: 

----------

## Caltex

Hi 

i got up to the line 

ldap -D "dc=gentoo, dc=org" -f directory.ldif -W 

in your howto, and i get the error: 

```
ldapadd -D "dc=flyingsparks, dc=homelinux, dc=net" -f directory.ldif -W 

Enter LDAP Password: 

adding new entry "dc=flyingsparks, dc=homelinux, dc=org " 

ldapadd: update failed: dc=flyingsparks, dc=homelinux, dc=org 

ldap_add: Server is unwilling to perform (53) 

        additional info: referral missing 
```

any ideas? 

also, does it matter where you put directory.ldif and container.ldif? or do you create them anywhere, and ldifadd takes care of it? 

Thanks

----------

## Caltex

ok, its working now.

One thing to note, ldapadd does not like trailing spaces on any of the lines. and when i copied it, for some reason it put a space after everything.

----------

## jbro164

After: 

```
ldapadd -D "dc=homeftp, dc=net" -f directory.ldif -W
```

I get This error - Any Ideas???

```
SASL/DIGEST-MD5 authentication started

ldap_sasl_interactive_bind_s: Internal (implementation specific) error (80)

        additional info: SASL(-13): user not found: no secret in database
```

Thanks

----------

## radonsg

for a domain name of test.example.com, what will the suffix & rootdn be like in the slapd.conf? 

```
 "dc=test,dc=example,dc=com" 
```

And for directory.ldif file, is the following code correct?

```
dn:     dc=test, dc=example, dc=com
objectClass:    top
objectClass:    dcObject
objectClass:    organization
dc:    test,  example
o:      Test Company
```

Thanks.

----------

## sushyad

Here are the scripts I use to backup my address book into cvs if there is any change in the address book. The scripts take care of stripping the unnecessary stuff from the slapcat output.

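Create a script; let's call it script1:

```
#!/bin/bash
# Dump the directory with slapcat and strip the operational attributes
# (modifiersName, modifyTimestamp, entryUUID, entryCSN, creatorsName,
# createTimestamp, structuralObjectClass).
# Usage: script1 <output file>
cd /tmp

# The patterns are anchored to the start of the line so that only attribute
# names match, not ordinary values that happen to contain these words.
/usr/sbin/slapcat -f /etc/openldap/slapd.conf | \
sed -e 's/^modif.*//' \
        -e 's/^entry.*:.*//' \
        -e 's/^creat.*:.*//' \
        -e 's/^structuralObj.*//' \
        -e '/^$/d' \
        -e 's/^dn:/\ndn:/g' | \
sed     -e '1,1D' > "$1"
```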

Create another script; let's call it script2:

```
#!/bin/bash
# Commit the dump to CVS only when it differs from the last committed copy.
source /etc/profile

cd /tmp
cvs co backups &> /dev/null

if cmp /tmp/abook /tmp/backups/AddressBook.ldif &> /dev/null  # Suppress output.
then
        echo "Address book same as yesterday."
else
        cp /tmp/abook /tmp/backups/AddressBook.ldif
        cvs commit -m "Daily address book backup" backups
fi

# Remove the temporary checkout.
rm -rf /tmp/backups
exit
```

And then setup a cron job in /etc/cron.daily folder:

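```
#!/bin/sh
# Stop slapd while the database is dumped, then start it again.
/etc/init.d/slapd stop
script1 /tmp/abook
/etc/init.d/slapd start

# Run the CVS commit as an unprivileged user.
su - <username> -c '<path to the script>/script2'
```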

----------

## numerodix

 *riggagoogoo wrote:*   

> would users of Outlook still be able to click on the 'Add user to address book' and have that add it straight in to the LDAP or would they need to inform the LDAP admin and have him/her add it in??
> 
> Cheers
> 
> RiGGa

 

I'm wondering about this myself, could I use ldap "interactively" in evolution or kaddressbook or whatever to add/update entries? Or does it have to go through phpldapadmin?

----------

## SnowDeath

I just followed your instructions today and found one error. Where you say to:

```
#nano -w /etc/slapd.conf

```

It should be

```
#nano -w /etc/openldap/slapd.conf
```

Thanks for the guide!

----------

## d0wn_under

When I try to add the first contact I am getting the following error:

```

adding new entry "cn=robin,ou=addressbook,dc=krynn,dc=int"

ldap_add: Naming violation (64)

        additional info: value of naming attribute 'cn' is not present in entry

```

my contact.ldif file is:

```
dn: cn=robin,ou=addressbook,dc=krynn,dc=int
ou: addressbook
o: My internal domain.
cn: Fred Blogs
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: officePerson
mail: fred@blogs.com
givenname: Fred
sn: Blogs
homePostalAddress: My house address
postalAddress: My work address
l: Towny
st: Statey
postalcode: E3 3EE
c: UK
pager: not available
telephoneNumber: 01111 2223333
homePhone: 01111 2223334
mobile: 01111 2223335
title: Mr
URL: http://www.glogs.com
```

and I am using the command:

```
ldapadd -D "dc=krynn, dc=int" -f contact.ldif -W
```

Any ideas?

----------

## Lead

I had the same.. make the two 'cn' parts the same:

```
dn: cn=Fred Blogs,ou=addressbook,dc=krynn,dc=int
ou: addressbook
o: My internal domain.
cn: Fred Blogs
....
```
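Caltex's trailing-space problem and the naming violation that d0wn_under and Lead ran into can both be caught before ldapadd is run. The linter below is an added example, not code from the thread; its function names, finding codes and sample records are constructed here, and the check that every DN sits under the configured suffix goes beyond what the posts describe.

```python
import base64


def _norm_dn(dn):
    # Lower-case and drop spaces around commas; assumes no escaped commas in values.
    return ",".join(part.strip().lower() for part in dn.split(","))


def _norm_val(value):
    # Case-insensitive, whitespace-collapsed comparison (assumed to be the
    # matching rule of naming attributes such as cn, ou and dc).
    return " ".join(value.split()).lower()


def parse_ldif(text):
    """Return (records, findings); a record is (first line no, [(attr, value), ...])."""
    records, findings, current, start = [], [], [], None

    def flush():
        if current:
            attrs = [(a, base64.b64decode(v).decode("utf-8", "replace") if b64 else v)
                     for a, v, b64 in current]
            records.append((start, attrs))
            current.clear()

    for no, raw in enumerate(text.split("\n"), 1):
        line = raw.rstrip("\r")
        if line != line.rstrip(" \t"):
            # Trailing blanks become part of the value (or of the DN).
            findings.append((no, "TRAILING_WHITESPACE", line))
        if not line.strip():
            flush()                      # a blank line ends the record
            continue
        if line.startswith("#"):
            continue
        if line.startswith(" ") and current:
            attr, value, b64 = current[-1]
            current[-1] = (attr, value + line[1:], b64)   # folded continuation line
            continue
        attr, sep, rest = line.partition(":")
        if not sep:
            findings.append((no, "NOT_ATTR_VALUE", line))
            continue
        b64 = rest.startswith(":")       # "attr:: <base64>"
        value = (rest[1:] if b64 else rest).lstrip(" ")
        if not current:
            start = no
        current.append((attr.strip(), value, b64))
    flush()
    return records, findings


def lint(text, suffix):
    """Return sorted (line no, code, detail) findings for an LDIF file."""
    records, findings = parse_ldif(text)
    want_suffix = _norm_dn(suffix)
    for start, attrs in records:
        name, dn = attrs[0]
        if name.lower() != "dn":
            findings.append((start, "NO_DN", name))
            continue
        # First RDN only; multi-valued RDNs (a+b) are not handled in this sketch.
        rdn = dn.split(",")[0]
        rdn_attr, _, rdn_val = rdn.partition("=")
        present = {_norm_val(v) for a, v in attrs[1:]
                   if a.lower() == rdn_attr.strip().lower()}
        if _norm_val(rdn_val) not in present:
            # What the server reports as "Naming violation (64)".
            findings.append((start, "RDN_VALUE_MISSING", rdn.strip()))
        got = _norm_dn(dn)
        if got != want_suffix and not got.endswith("," + want_suffix):
            findings.append((start, "OUTSIDE_SUFFIX", dn))
    return sorted(findings)


# Constructed sample: record 1 is the mismatch from the question above,
# record 2 has a trailing space after the DN, record 3 uses a folded cn
# value and a DN outside the suffix.
SAMPLE_LDIF = "\n".join([
    "dn: cn=robin,ou=addressbook,dc=krynn,dc=int",
    "cn: Fred Blogs",
    "objectClass: inetOrgPerson",
    "sn: Blogs",
    "",
    "dn: cn=Fred Blogs,ou=addressbook,dc=krynn,dc=int ",
    "cn: Fred Blogs",
    "objectClass: inetOrgPerson",
    "sn: Blogs",
    "",
    "dn: cn=Jane Doe,ou=addressbook,dc=example,dc=int",
    "cn: Jane",
    "  Doe",
    "",
])

if __name__ == "__main__":
    for line_no, code, detail in lint(SAMPLE_LDIF, "dc=krynn,dc=int"):
        print(f"line {line_no}: {code}: {detail!r}")
```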

----------

## d0wn_under

That fixed it, just got to wait till I get home to see if evolution can see it now

----------

## Lead

Well that's where I am now too.. I can connect with thunderbird perfectly but no luck with evolution. All I get is the error message 'Error loading addressbook...'

In this case (from this topic) what should the Log in method, Login, Search base, etc be?

edit: never mind, it works now..  it was a typo in the DN  :Smile: 

----------

## rasto

 *jbro164 wrote:*   

> After: 
> 
> ```
> ldapadd -D "dc=homeftp, dc=net" -f directory.ldif -W
> ```
> ...

 

try to use ldapadd -D "dc=homeftp, dc=net" -x -f directory.ldif 

-x tells it to use simple authentication

rasto

----------

## DeadMonkey

Excellent guide, and now I have a working OpenLDAP server to use as a common address book for Outlook 2000 / Outlook 2003 clients.

The only problem I'm having at this point:  When I start a new e-mail and open up the LDAP address book it comes up blank.  I have to use "find" and then enter in a search to find the user. 

Is that by design or is there something I'm missing?  I'd really like to pull up the LDAP address book and show all available entries instead of the ones I've had to manually search for.  

Thanks for any help, and again great guide!

----------

## wizard69

Thx for the great guide, after a few problems everything's up and running. But I am having the same problem as deadmonkey: my address book in outlook comes up blank, I have to use "find" and then enter in a search to find the user.  Is there a workaround for this problem?

----------

## bzImage

 *rasto wrote:*   

>  *jbro164 wrote:*   After: 
> 
> ```
> ldapadd -D "dc=homeftp, dc=net" -f directory.ldif -W
> ```
> ...

 

im getting:

```

ldapadd -D "dc=dummy,dc=com.mx" -x -f directory.ldif -W

Enter LDAP Password:

ldap_bind: Invalid credentials (49)

```

????

----------

## d0wn_under

I do this to add things:

```
ldapadd -x -D "cn=Manager,dc=krynn,dc=int" -W -f file.ldif
```

I think that it is the cn=Manager you are missing

----------

## tomga

thx to golem for the modified new_user_template.php.

i just added more "outlook" fields to the template. these are all the fields to fill in with the given "schema" + the "extension schema".

this one is the german translation, i will post the english one later.

just copy this php to the "phpldapadmin/templates/creation/new_user_template.php" (you should backup the original "new_user_template.php" file before). 

now you will see the new fields when you add a new "user account" with phpLDAPadmin.

```

<?php

require 'common.php';

// customize this to your needs

$default_container = "ou=Addresses";

// Common to all templates

$container = $_POST['container'];

$server_id = $_POST['server_id'];

// Unique to this template

$step = isset( $_POST['step'] ) ? $_POST['step'] : 1;

check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );

have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );

?>

<script language="javascript">

<!--

/*

 * Populates the common name field based on the last

 * name concatenated with the first name, separated

 * by a blank

 */

function autoFillCommonName( form )

{

   var first_name;

   var last_name;

   var common_name;

        first_name = form.first_name.value;

        last_name = form.last_name.value;

   if( last_name == '' ) {

      return false;

   }

   common_name = first_name + ' ' + last_name;

   form.common_name.value = common_name;

}

-->

</script>

<center><h2>New Address Book Entry<br />

<small>(InetOrgPerson-Outlook modified)</small></h2>

</center>

<?php if( $step == 1 ) { ?>

<form action="creation_template.php" method="post" id="address_form" name="address_form">

<input type="hidden" name="step" value="2" />

<input type="hidden" name="server_id" value="<?php echo htmlspecialchars( $server_id ); ?>" />

<input type="hidden" name="template" value="<?php echo htmlspecialchars( $_POST['template'] ); ?>" />

<center>

<table class="confirm">

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/uid.png" /></td>

      <td class="heading">Vorname:</td>

      <td><input type="text" name="first_name" id="first_name" value="Vorname" onChange="autoFillCommonName(this.form)" /></td>

      <td></td>

      <td class="heading">Nachname:</td>

      <td><input type="text" name="last_name" id="last_name" value="Nachname" onChange="autoFillCommonName(this.form)" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">2. Vorname:</td>

      <td><input type="text" name="initials" id="initials" value="" /></td>

      <td></td>

      <td class="heading">Email:</td>

      <td><input type="text" name="mail" id="mail" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Common name:</td>

      <td><input type="text" name="common_name" id="common_name" value="" /></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Gesch&auml;ftlich</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/mail.png" /></td>

      <td class="heading">Firma:</td>

      <td><input type="text" name="organization" id="organization" value="" /></td>

      <td></td>

      <td class="heading">Position:</td>

      <td><input type="text" name="title" id="title" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Strasse:</td>

      <td rowspan="2"><textarea cols="20" rows="2" name="workstreet" id="workstreet"></textarea></td>

      <td></td>

           <td class="heading">Abteilung:</td>

           <td><input type="text" name="department" id="department" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td></td>

           <td></td>

           <td class="heading">B&uuml;ro:</td>

           <td><input type="text" name="physicaldeliveryofficename" id="physicaldeliveryofficename" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Ort:</td>

      <td><input type="text" name="city" id="city" value="" /></td>

      <td></td>

           <td class="heading">Rufnummer:</td>

           <td><input type="text" name="telephonenumber" id="telephonenumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Bundesland:</td>

      <td><input type="text" name="state" id="state" value="" /></td>

      <td></td>

           <td class="heading">Fax:</td>

           <td><input type="text" name="facsimiletelephonenumber" id="facsimiletelephonenumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Postleitzahl:</td>

      <td><input type="text" name="postal_code" id="postal_code" value="" /></td>

      <td></td>

           <td class="heading">Pager:</td>

           <td><input type="text" name="pager" id="pager" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Land/Region:</td>

      <td><input type="text" name="country" id="country" value="" /></td>

      <td></td>

           <td class="heading">IP-Telefon:</td>

           <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Firmenwebsite:</td>

      <td colspan="4"><input type="text" name="url" id="url" value="" size="50" /></td>

   </tr>

      </table></td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Privat</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/mail.png" /></td>

      <td class="heading">Stra&szlig;e:</td>

      <td rowspan="2"><textarea cols="20" rows="2" name="homePostalAddress" id="homePostalAddress"></textarea></td>

      <td></td>

      <td class="heading">Rufnummer:</td>

      <td><input type="text" name="homePhone" id="homePhone" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td></td>

      <td></td>

      <td class="heading">Fax:</td>

      <td><input type="text" name="otherFacsimiletelephoneNumber" id="otherFacsimiletelephoneNumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Ort:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Mobiltelefon:</td>

      <td><input type="text" name="mobile" id="mobile" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Bundesland:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Postleitzahl:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Land/Region:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>   

   <tr>

      <td></td>

      <td class="heading">Website (privat):</td>

      <td colspan="4"><input type="text" name="" id="" value="" size="50" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>   

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Andere</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td></td>

      <td class="heading" style="vertical-align:top;">Anmerkung:</td>

      <td><textarea cols="50" rows="5" name="comment" id="comment"></textarea></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Organisation</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td></td>

      <td class="heading">Manager:</td>

      <td><input type="text" name="Manager" id="Manager" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Reports:</td>

      <td><input type="text" name="Reports" id="Reports" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td class="heading">Container:</td>

   <td><input type="text" name="container" size="60" value="<?php if( isset( $container ) )

            echo htmlspecialchars( $container );

              else

            echo htmlspecialchars( $default_container . ',' . $servers[$server_id]['base'] ); ?>" />

      <?php draw_chooser_link( 'address_form.container' ); ?></td>

</tr>

<tr>

   <td colspan="2"><center><input type="submit" value="Fortfahren &gt;&gt;" /></center></td>

</tr>

</table>

</center>

<?php } elseif( $step == 2 ) {

   // Common

   $common_name = trim( $_POST['common_name'] );

   $first_name = trim( $_POST['first_name'] );

   $last_name = trim( $_POST['last_name'] );

   $initials = trim( $_POST['initials'] );

   $mail = trim( $_POST['mail'] );

   // Business

   $organization = trim( $_POST['organization'] );

   $title = trim( $_POST['title'] );

   $workstreet = trim( $_POST['workstreet'] );

   $department = trim( $_POST['department'] );

   $physicaldeliveryofficename = trim( $_POST['physicaldeliveryofficename'] );

   $city = trim( $_POST['city'] );

   $telephone_number = trim( $_POST['telephonenumber'] );

   $state = trim( $_POST['state'] );

   $facsimiletelephonenumber = trim( $_POST['facsimiletelephonenumber'] );

   $postal_code = trim( $_POST['postal_code'] );

   $pager = trim( $_POST['pager'] );

   $country = trim( $_POST['country'] );

   //$IPPhone = trim( $_POST['IPPhone'] );

   $url = trim( $_POST['url'] );

   // Home

   $homePostalAddress = trim( $_POST['homePostalAddress'] );

   $homePhone = trim( $_POST['homePhone'] );

   $otherFacsimiletelephoneNumber = trim( $_POST['otherFacsimiletelephoneNumber'] );

   $mobile = trim( $_POST['mobile'] );

   // Other

   $comment = trim( $_POST['comment'] );

   //Organisation

   $Manager = trim( $_POST['Manager'] );

   $Reports = trim( $_POST['Reports'] );

   /* Critical assertions */

   0 != strlen( $common_name ) or

      pla_error( "You cannot leave the Common Name blank. Please go back and try again." );

   ?>

   <center><h3>Confirm entry creation:</h3></center>

   <form action="create.php" method="post">

   <input type="hidden" name="server_id" value="<?php echo htmlspecialchars( $server_id ); ?>" />

   <input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'cn=' . $common_name . ',' . $container ); ?>" />

   <!-- ObjectClasses  -->

   <?php $object_classes = rawurlencode( serialize( array( 'top', 'person', 'organizationalPerson', 'inetOrgPerson', 'officePerson' ) ) ); ?>

   <input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />

   <!-- The array of attributes/values -->

   <!-- common -->

   <input type="hidden" name="attrs[]" value="cn" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($common_name);?>" />

   <input type="hidden" name="attrs[]" value="givenName" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($first_name);?>" />

   <input type="hidden" name="attrs[]" value="sn" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($last_name);?>" />

   <input type="hidden" name="attrs[]" value="initials" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($initials);?>" />

   <input type="hidden" name="attrs[]" value="mail" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mail);?>" />

   <!-- Business -->

   <input type="hidden" name="attrs[]" value="o" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($organization);?>" />

   <input type="hidden" name="attrs[]" value="title" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($title);?>" />

   <input type="hidden" name="attrs[]" value="postalAddress" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($workstreet);?>" />

   <input type="hidden" name="attrs[]" value="ou" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($department);?>" />

   <input type="hidden" name="attrs[]" value="physicaldeliveryofficename" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($physicaldeliveryofficename);?>" />

   <input type="hidden" name="attrs[]" value="l" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($city);?>" />   

   <input type="hidden" name="attrs[]" value="telephoneNumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($telephone_number);?>" />

   <input type="hidden" name="attrs[]" value="st" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($state);?>" />   

   <input type="hidden" name="attrs[]" value="facsimiletelephonenumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($facsimiletelephonenumber);?>" />   

   <input type="hidden" name="attrs[]" value="postalCode" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($postal_code);?>" />

   <input type="hidden" name="attrs[]" value="pager" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($pager);?>" />   

   <input type="hidden" name="attrs[]" value="c" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($country);?>" />

   <!--<input type="hidden" name="attrs[]" value="IPPhone" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($IPPhone);?>" />-->

   <input type="hidden" name="attrs[]" value="URL" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($url);?>" />

   <!-- Home -->

   <input type="hidden" name="attrs[]" value="homePostalAddress" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($homePostalAddress);?>" />   

   <input type="hidden" name="attrs[]" value="homePhone" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($homePhone);?>" />

   <input type="hidden" name="attrs[]" value="otherFacsimiletelephoneNumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($otherFacsimiletelephoneNumber);?>" />

   <input type="hidden" name="attrs[]" value="mobile" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mobile);?>" />

   <!-- Other -->

   <input type="hidden" name="attrs[]" value="comment" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($comment);?>" />   

   <!-- Organisation -->

   <input type="hidden" name="attrs[]" value="Manager" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($Manager);?>" />   

   <input type="hidden" name="attrs[]" value="Reports" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($Reports);?>" />

   <center>

   <table class="confirm">

   <tr class="even">

      <td class="heading">Common name:</td>

      <td><b><?php echo htmlspecialchars( $common_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">Vorname:</td>

      <td><b><?php echo htmlspecialchars( $first_name ); ?></b></td>

   </tr>

   <tr class="even">

      <td class="heading">Nachname:</td>

      <td><b><?php echo htmlspecialchars( $last_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">Firma:</td>

      <td><?php echo htmlspecialchars( $organization ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Stadt:</td>

      <td><?php echo htmlspecialchars( $city ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Postleitzahl:</td>

      <td><?php echo htmlspecialchars( $postal_code ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Stra&szlig;e:</td>

      <td><?php echo htmlspecialchars( $workstreet ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Telefon gesch&auml;tlich:</td>

      <td><?php echo htmlspecialchars( $telephone_number ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Container:</td>

      <td><?php echo htmlspecialchars( $container ); ?></td>

   </tr>

   </table>

   <br /><input type="submit" value="Adresse anlegen" />

   </center>

   </form>

<?php } ?>

</body>

</html>

```

----------

## tomga

And for the English-speaking people  :Wink: 

```

<?php

require 'common.php';

// customize this to your needs

$default_container = "ou=Addresses";

// Common to all templates

$container = $_POST['container'];

$server_id = $_POST['server_id'];

// Unique to this template

$step = isset( $_POST['step'] ) ? $_POST['step'] : 1;

check_server_id( $server_id ) or pla_error( "Bad server_id: " . htmlspecialchars( $server_id ) );

have_auth_info( $server_id ) or pla_error( "Not enough information to login to server. Please check your configuration." );

?>

<script language="javascript">

<!--

/*

 * Populates the common name field based on the last

 * name concatenated with the first name, separated

 * by a blank

 */

function autoFillCommonName( form )

{

   var first_name;

   var last_name;

   var common_name;

        first_name = form.first_name.value;

        last_name = form.last_name.value;

   if( last_name == '' ) {

      return false;

   }

   common_name = first_name + ' ' + last_name;

   form.common_name.value = common_name;

}

-->

</script>

<center><h2>New Address Book Entry<br />

<small>(InetOrgPerson-Outlook modified)</small></h2>

</center>

<?php if( $step == 1 ) { ?>

<form action="creation_template.php" method="post" id="address_form" name="address_form">

<input type="hidden" name="step" value="2" />

<input type="hidden" name="server_id" value="<?php echo htmlspecialchars( $server_id ); ?>" />

<input type="hidden" name="template" value="<?php echo htmlspecialchars( $_POST['template'] ); ?>" />

<center>

<table class="confirm">

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/uid.png" /></td>

      <td class="heading">First Name:</td>

      <td><input type="text" name="first_name" id="first_name" value="Vorname" onChange="autoFillCommonName(this.form)" /></td>

      <td></td>

      <td class="heading">Last Name:</td>

      <td><input type="text" name="last_name" id="last_name" value="Nachname" onChange="autoFillCommonName(this.form)" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Middle Name:</td>

      <td><input type="text" name="initials" id="initials" value="" /></td>

      <td></td>

      <td class="heading">Email Address:</td>

      <td><input type="text" name="mail" id="mail" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Common name:</td>

      <td><input type="text" name="common_name" id="common_name" value="" /></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Business</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/mail.png" /></td>

      <td class="heading">Company Name:</td>

      <td><input type="text" name="organization" id="organization" value="" /></td>

      <td></td>

      <td class="heading">Job Title:</td>

      <td><input type="text" name="title" id="title" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Street Address:</td>

      <td rowspan="2"><textarea cols="20" rows="2" name="workstreet" id="workstreet"></textarea></td>

      <td></td>

           <td class="heading">Department:</td>

           <td><input type="text" name="department" id="department" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td></td>

           <td></td>

           <td class="heading">Office:</td>

           <td><input type="text" name="physicaldeliveryofficename" id="physicaldeliveryofficename" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">City:</td>

      <td><input type="text" name="city" id="city" value="" /></td>

      <td></td>

           <td class="heading">Phone:</td>

           <td><input type="text" name="telephonenumber" id="telephonenumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">State/Province:</td>

      <td><input type="text" name="state" id="state" value="" /></td>

      <td></td>

           <td class="heading">Fax:</td>

           <td><input type="text" name="facsimiletelephonenumber" id="facsimiletelephonenumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Zip Code:</td>

      <td><input type="text" name="postal_code" id="postal_code" value="" /></td>

      <td></td>

           <td class="heading">Pager:</td>

           <td><input type="text" name="pager" id="pager" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Country/Region:</td>

      <td><input type="text" name="country" id="country" value="" /></td>

      <td></td>

           <td class="heading">IP Phone:</td>

           <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Web Page:</td>

      <td colspan="4"><input type="text" name="url" id="url" value="" size="50" /></td>

   </tr>

      </table></td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Home</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td><img src="images/mail.png" /></td>

      <td class="heading">Street Address:</td>

      <td rowspan="2"><textarea cols="20" rows="2" name="homePostalAddress" id="homePostalAddress"></textarea></td>

      <td></td>

      <td class="heading">Phone:</td>

      <td><input type="text" name="homePhone" id="homePhone" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td></td>

      <td></td>

      <td class="heading">Fax:</td>

      <td><input type="text" name="otherFacsimiletelephoneNumber" id="otherFacsimiletelephoneNumber" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">City:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Mobile:</td>

      <td><input type="text" name="mobile" id="mobile" value="" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">State/Province:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Zip Code:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   <tr>

      <td></td>

      <td class="heading">Country/Region:</td>

      <td><input type="text" name="" id="" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>   

   <tr>

      <td></td>

      <td class="heading">Web Page (home):</td>

      <td colspan="4"><input type="text" name="" id="" value="" size="50" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>   

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Other</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td></td>

      <td class="heading" style="vertical-align:top;">Notes:</td>

      <td><textarea cols="50" rows="5" name="comment" id="comment"></textarea></td>

      <td></td>

      <td></td>

      <td></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td colspan="2">Organisation</td>

</tr>

<tr>

   <td colspan="2">

      <table class="confirm">

   <tr>

      <td></td>

      <td class="heading">Manager:</td>

      <td><input type="text" name="Manager" id="Manager" value="" readonly="readonly" style="background-color:lightgrey" /></td>

      <td></td>

      <td class="heading">Reports:</td>

      <td><input type="text" name="Reports" id="Reports" value="" readonly="readonly" style="background-color:lightgrey" /></td>

   </tr>

   </table>

   </td>

</tr>

<tr class="spacer"><td colspan="2"></td></tr>

<tr>

   <td class="heading">Container:</td>

   <td><input type="text" name="container" size="60" value="<?php if( isset( $container ) )

            echo htmlspecialchars( $container );

              else

            echo htmlspecialchars( $default_container . ',' . $servers[$server_id]['base'] ); ?>" />

      <?php draw_chooser_link( 'address_form.container' ); ?></td>

</tr>

<tr>

   <td colspan="2"><center><input type="submit" value="Proceed &gt;&gt;" /></center></td>

</tr>

</table>

</center>

<?php } elseif( $step == 2 ) {

   // Common

   $common_name = trim( $_POST['common_name'] );

   $first_name = trim( $_POST['first_name'] );

   $last_name = trim( $_POST['last_name'] );

   $initials = trim( $_POST['initials'] );

   $mail = trim( $_POST['mail'] );

   // Business

   $organization = trim( $_POST['organization'] );

   $title = trim( $_POST['title'] );

   $workstreet = trim( $_POST['workstreet'] );

   $department = trim( $_POST['department'] );

   $physicaldeliveryofficename = trim( $_POST['physicaldeliveryofficename'] );

   $city = trim( $_POST['city'] );

   $telephone_number = trim( $_POST['telephonenumber'] );

   $state = trim( $_POST['state'] );

   $facsimiletelephonenumber = trim( $_POST['facsimiletelephonenumber'] );

   $postal_code = trim( $_POST['postal_code'] );

   $pager = trim( $_POST['pager'] );

   $country = trim( $_POST['country'] );

   //$IPPhone = trim( $_POST['IPPhone'] );

   $url = trim( $_POST['url'] );

   // Home

   $homePostalAddress = trim( $_POST['homePostalAddress'] );

   $homePhone = trim( $_POST['homePhone'] );

   $otherFacsimiletelephoneNumber = trim( $_POST['otherFacsimiletelephoneNumber'] );

   $mobile = trim( $_POST['mobile'] );

   // Other

   $comment = trim( $_POST['comment'] );

   //Organisation

   $Manager = trim( $_POST['Manager'] );

   $Reports = trim( $_POST['Reports'] );

   /* Critical assertions */

   0 != strlen( $common_name ) or

      pla_error( "You cannot leave the Common Name blank. Please go back and try again." );

   ?>

   <center><h3>Confirm entry creation:</h3></center>

   <form action="create.php" method="post">

   <input type="hidden" name="server_id" value="<?php echo htmlspecialchars( $server_id ); ?>" />

   <input type="hidden" name="new_dn" value="<?php echo htmlspecialchars( 'cn=' . $common_name . ',' . $container ); ?>" />

   <!-- ObjectClasses  -->

   <?php $object_classes = rawurlencode( serialize( array( 'top', 'person', 'organizationalPerson', 'inetOrgPerson', 'officePerson' ) ) ); ?>

   <input type="hidden" name="object_classes" value="<?php echo $object_classes; ?>" />

   <!-- The array of attributes/values -->

   <!-- common -->

   <input type="hidden" name="attrs[]" value="cn" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($common_name);?>" />

   <input type="hidden" name="attrs[]" value="givenName" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($first_name);?>" />

   <input type="hidden" name="attrs[]" value="sn" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($last_name);?>" />

   <input type="hidden" name="attrs[]" value="initials" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($initials);?>" />

   <input type="hidden" name="attrs[]" value="mail" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mail);?>" />

   <!-- Business -->

   <input type="hidden" name="attrs[]" value="o" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($organization);?>" />

   <input type="hidden" name="attrs[]" value="title" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($title);?>" />

   <input type="hidden" name="attrs[]" value="postalAddress" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($workstreet);?>" />

   <input type="hidden" name="attrs[]" value="ou" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($department);?>" />

   <input type="hidden" name="attrs[]" value="physicaldeliveryofficename" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($physicaldeliveryofficename);?>" />

   <input type="hidden" name="attrs[]" value="l" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($city);?>" />   

   <input type="hidden" name="attrs[]" value="telephoneNumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($telephone_number);?>" />

   <input type="hidden" name="attrs[]" value="st" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($state);?>" />   

   <input type="hidden" name="attrs[]" value="facsimiletelephonenumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($facsimiletelephonenumber);?>" />   

   <input type="hidden" name="attrs[]" value="postalCode" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($postal_code);?>" />

   <input type="hidden" name="attrs[]" value="pager" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($pager);?>" />   

   <input type="hidden" name="attrs[]" value="c" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($country);?>" />

   <!--<input type="hidden" name="attrs[]" value="IPPhone" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($IPPhone);?>" />-->

   <input type="hidden" name="attrs[]" value="URL" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($url);?>" />

   <!-- Home -->

   <input type="hidden" name="attrs[]" value="homePostalAddress" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($homePostalAddress);?>" />   

   <input type="hidden" name="attrs[]" value="homePhone" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($homePhone);?>" />

   <input type="hidden" name="attrs[]" value="otherFacsimiletelephoneNumber" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($otherFacsimiletelephoneNumber);?>" />

   <input type="hidden" name="attrs[]" value="mobile" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($mobile);?>" />

   <!-- Other -->

   <input type="hidden" name="attrs[]" value="comment" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($comment);?>" />   

   <!-- Organisation -->

   <input type="hidden" name="attrs[]" value="Manager" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($Manager);?>" />   

   <input type="hidden" name="attrs[]" value="Reports" />

   <input type="hidden" name="vals[]" value="<?php echo htmlspecialchars($Reports);?>" />

   <center>

   <table class="confirm">

   <tr class="even">

      <td class="heading">Common name:</td>

      <td><b><?php echo htmlspecialchars( $common_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">Vorname:</td>

      <td><b><?php echo htmlspecialchars( $first_name ); ?></b></td>

   </tr>

   <tr class="even">

      <td class="heading">Nachname:</td>

      <td><b><?php echo htmlspecialchars( $last_name ); ?></b></td>

   </tr>

   <tr class="odd">

      <td class="heading">Firma:</td>

      <td><?php echo htmlspecialchars( $organization ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Stadt:</td>

      <td><?php echo htmlspecialchars( $city ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Postleitzahl:</td>

      <td><?php echo htmlspecialchars( $postal_code ); ?></td>

   </tr>

   <tr class="even">

      <td class="heading">Stra&szlig;e:</td>

      <td><?php echo htmlspecialchars( $workstreet ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Telefon gesch&auml;tlich:</td>

      <td><?php echo htmlspecialchars( $telephone_number ); ?></td>

   </tr>

   <tr class="odd">

      <td class="heading">Container:</td>

      <td><?php echo htmlspecialchars( $container ); ?></td>

   </tr>

   </table>

   <br /><input type="submit" value="create address" />

   </center>

   </form>

<?php } ?>

</body>

</html>

```

----------

## tomga

... and I should mention this site

http://www.openldap.org/faq/data/cache/294.html

----------

## drakkan

 *DeadMonkey wrote:*   

> Excellent guide, and now I have a working OpenLDAP server to use as a common address book for Outlook 2000 / Outlook 2003 clients.
> 
> The only problem I'm having at this point:  When I start a new e-mail and open up the LDAP address book it comes up blank.  I have to use "find" and then enter in a search to find the user. 
> 
> Is that by design or is there something I'm missing?  I'd really like to pull up the LDAP address book and show all available entries instead of the ones I've had to manually search for.  
> ...

 

I have the same. Is there a solution?

thanks for the great howto

----------

## mariourk

It's a common problem. I don't know why but that's just the way it works.

There is a dirty workaround, just search for * or @ or a blank screen. It will give you all the names. Downside is that you lose them as soon as you close Outlook. So every time you start Outlook you have to do that again.

There is however a much better method. Configure Outlook to look into your LDAP-addressbook first. Now, instead of opening the addressbook and selecting the names you want, just type in the first name(s) in the address bar. Multiple names can be separated by a ;

As soon as you click on 'send' or 'check names' Outlook will rip the names from your LDAP-addressbook  :Very Happy:  In case there are multiple hits, Outlook will present a small list with the possibilities.

Hope that helps.  :Wink: 

----------

## drakkan

Another little help please,

phpldapadmin works fine, but is there a way to add contacts to LDAP directly from Outlook?

thanks drakkan

----------

## mariourk

Short answer, nope!  :Wink: 

----------

## mattmm

What would you add to require the Outlook client to log in before accessing the LDAP listing? Currently this is just set up to log in anonymously, granting access to anyone.

----------

## vgster

When doing the ldapadd -D "dc=gentoo,dc=org" -f directory.ldif -W  I get the following error

```
Enter LDAP Password:
adding new entry "dc=gentoo,dc=org"
ldapadd: update failed: dc=gentoo,dc=org
ldap_add: Invalid syntax (21)
        additional info: objectClass: value #0 invalid per syntax
```

Do I need to remove something?

Regards

Lee

----------

## mariourk

 *mattmm wrote:*   

> What would you add to require the Outlook client to log in before accessing the LDAP listing? Currently this is just set up to log in anonymously, granting access to anyone.

 

I have no idea. I had enough trouble getting it working this way. Maybe you can figure it out for us?  :Very Happy: 

 *vgster wrote:*   

> 
> 
> When doing the ldapadd -D "dc=gentoo,dc=org" -f directory.ldif -W I get the following error
> 
> Enter LDAP Password:
> ...

 

Try this:

```

ldapadd -D "dc=gentoo, dc=org" -f directory.ldif -W

```

Note the space between dc=gentoo, and dc=org

You also have to set this right in your ldif file.

----------

## derheld42

Thanks so much for the tutorial!

I was able to get authentication working by adding this to slapd.conf

```

# http://yolinux.com/TUTORIALS/LinuxTutorialLDAP-BindPW.html

# adding user passwords

defaultaccess   none

access to attr=userPassword                  

       by dn="cn=Manager,dc=blar,dc=net" write   

       by self write                         

       by * auth

#access to dn=".*,ou=1963,o=delta"

#       by dn="cn=Admin1963,o=delta" write

#       by self write

#       by users read

#       by * auth

#access to dn=".*,ou=people,dc=blar,dc=net"

#       by users write

#       by self write

#       by * auth

access to *

       by dn="cn=Manager,dc=blar,dc=net"  write  

       by users write

       by self write

       by * auth

```

However, I can't get evolution 2.8.1.1 to use a password with ldap, so I'm trying to decide if I really want a password on my home network.

EDIT: I got evolution 2.8.1.1 to work after I added the use variable ldap to the evolution-data-server build. duh! I stumbled on this by accident, I guess I wish there was some sort of automatic dependency from evolution's ldap use variable to the evolution-data-server's ldap use variable. NOTE: I don't have make.conf's global ldap use variable set.
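The access rules posted above can be checked offline before they go into slapd.conf. The following Python sketch is an added example, not part of the original post and not OpenLDAP code: it models only the `*`, `attr=`, `anonymous`, `users`, `self` and exact-match `dn=` forms, and the identities (Alice, Bob) and the read-only rule set are constructed for illustration.

```python
import shlex

# Access levels in increasing order of privilege (slapd.access(5)).
LEVELS = ["none", "disclose", "auth", "compare", "search", "read", "write", "manage"]

# The two active rules from the post above (its commented-out rules omitted).
PASSWORD_RULE = """access to attr=userPassword
       by dn="cn=Manager,dc=blar,dc=net" write
       by self write
       by * auth
"""
POSTED_ACL = PASSWORD_RULE + """access to *
       by dn="cn=Manager,dc=blar,dc=net"  write
       by users write
       by self write
       by * auth
"""
# Constructed variant (an assumption, not from the thread): "self" is listed
# before "users", and ordinary authenticated users only get read access.
READ_ONLY_ACL = PASSWORD_RULE + """access to *
       by dn="cn=Manager,dc=blar,dc=net" write
       by self write
       by users read
       by * auth
"""
# Constructed identities used for the checks.
ALICE = "cn=Alice Example,ou=Addresses,dc=blar,dc=net"
BOB = "cn=Bob Example,ou=Addresses,dc=blar,dc=net"

def norm_dn(dn):
    """Lower-case a DN and drop spaces around the commas."""
    return ",".join(part.strip().lower() for part in dn.split(","))

def parse_acl(text):
    """Return [(what, [(who, level), ...]), ...] in file order."""
    logical = []
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue  # blank lines and comments are ignored
        if raw[0].isspace() and logical:
            logical[-1] += " " + raw.strip()  # leading whitespace continues a line
        else:
            logical.append(raw.strip())
    rules = []
    for line in logical:
        tok = shlex.split(line)
        if tok[:2] != ["access", "to"]:
            continue  # other slapd.conf directives are not modelled
        clauses = tok[3:]
        by = list(zip(clauses[1::3], clauses[2::3]))
        if (len(tok) < 6 or len(clauses) % 3 or set(clauses[0::3]) != {"by"}
                or any(level not in LEVELS for _, level in by)):
            raise ValueError("unsupported access directive: " + line)
        rules.append((tok[2], by))
    return rules

def what_matches(what, attr):
    if what == "*":
        return True
    key, _, value = what.partition("=")
    if key not in ("attr", "attrs"):
        raise ValueError("unsupported <what>: " + what)
    return attr.lower() in value.lower().split(",")

def who_matches(who, bound_dn, entry_dn):
    if who == "*":
        return True
    if who == "anonymous" or bound_dn is None:
        return who == "anonymous" and bound_dn is None
    if who == "users":
        return True  # any authenticated identity
    if who == "self":
        return norm_dn(bound_dn) == norm_dn(entry_dn)
    if who.startswith("dn="):
        return norm_dn(bound_dn) == norm_dn(who[3:])  # exact match only
    raise ValueError("unsupported <who>: " + who)

def effective_access(rules, bound_dn, entry_dn, attr):
    """First matching <what> decides; inside it the first matching <who> wins."""
    for what, by in rules:
        if what_matches(what, attr):
            for who, level in by:
                if who_matches(who, bound_dn, entry_dn):
                    return level
            break  # <what> matched but no <who> did: implicit "by * none"
    return "none"

def audit(acl_text):
    """Effective access for a few constructed requester/target pairs."""
    rules = parse_acl(acl_text)
    cases = {
        "anonymous_mail": (None, ALICE, "mail"),
        "other_user_mail": (BOB, ALICE, "mail"),
        "other_user_password": (BOB, ALICE, "userPassword"),
        "self_password": (ALICE, ALICE, "userPassword"),
        "self_mail": (ALICE, ALICE, "mail"),
    }
    return {name: effective_access(rules, *case) for name, case in cases.items()}
```

With the rules as posted, `audit(POSTED_ACL)` gives an anonymous client only `auth` (it has to bind before it can read anything), while `by users write` gives every authenticated account `write` on other people's entries; the constructed variant lowers that to `read`.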

----------

## fank

 *tecknojunky wrote:*   

> ...and...
> 
>  *Quote:*   # /etc/init.d/slapd restart
> 
>  * Stopping ldap-server...                                                [ ok ]
> ...

 

I got the same error.

I checked the syntax twice and found some strange symbols at the beginning of extension.schema (I can see them only in less). I think this is because of copy-pasting this conf.

Then I deleted the first line and retyped it by hand.

Now it's working for me!!!

I hope this helps you.

sorry for bad English   :Embarassed: 
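Invisible characters of the kind described above can be located before slapd rejects the file. The following Python check is an added example, not part of the original post: the sample bytes are constructed (which characters were actually in the poster's file is not known), and the byte order mark and no-break space are assumed as typical copy-paste residue.

```python
import unicodedata

# Constructed sample: the first attributetype from extension.schema in the
# howto, as it could look after a copy-paste that prepended a UTF-8 byte
# order mark and turned one indentation space into a no-break space.
SAMPLE = (
    b"\xef\xbb\xbfattributetype ( 1.3.6.1.4.1.4203.666.100.121\n"
    b"       \xc2\xa0NAME ( 'rdn' )\n"
    b"        SUP name )\n"
)

# Invisible characters that copy-paste commonly introduces, with a safe replacement.
REPLACEMENTS = {"\ufeff": "", "\u200b": "", "\u00a0": " ", "\r": ""}


def find_hidden_chars(data):
    """Return (line, column, description) for each character that is not
    printable ASCII, a tab or a newline. Lines and columns are 1-based."""
    findings = []
    text = data.decode("utf-8", errors="replace")
    for lineno, line in enumerate(text.split("\n"), start=1):
        for col, ch in enumerate(line, start=1):
            if ch == "\t" or " " <= ch <= "~":
                continue
            name = unicodedata.name(ch, "unnamed control character")
            findings.append((lineno, col, "U+%04X %s" % (ord(ch), name)))
    return findings


def clean_schema(data):
    """Replace the known invisible characters and refuse anything else, so an
    unexpected byte is reviewed by hand instead of being silently dropped."""
    text = data.decode("utf-8")
    for bad, good in REPLACEMENTS.items():
        text = text.replace(bad, good)
    leftover = find_hidden_chars(text.encode("utf-8"))
    if leftover:
        raise ValueError("unexpected characters remain: %r" % leftover)
    return text.encode("ascii")


if __name__ == "__main__":
    for finding in find_hidden_chars(SAMPLE):
        print("line %d, column %d: %s" % finding)
```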

----------

