
Хранение адресной книги в LDAP

!!!! Устарело !!!!

Объектный класс inetOrgPerson и его атрибут mail не удаётся использовать из-за конфликта между структурными классами-предками (ошибка «invalid structural object class chain (account/person)»), см. http://www.openldap.org/lists/openldap-software/200307/msg00267.html

Расширение схемы

http://phpldapadmin.sourceforge.net/wiki/index.php/SchemaContributed:MozillaOrgPerson

[server:~] # cat mozillaorgperson.schema
# Attribute types for the mozillaOrgPerson address-book schema.
# All OIDs below sit under the 1.3.6.1.4.1.13769.2.1 arc.
# SYNTAX OIDs used in this file (RFC 4517):
#   ...121.1.7   Boolean
#   ...121.1.15  Directory String (UTF-8)
#   ...121.1.26  IA5 String (ASCII)
#   ...121.1.41  Postal Address
#   ...121.1.50  Telephone Number
# A trailing {N} is a length bound hint for the value.

# Inherits its syntax and matching rules from the standard 'name' attribute type.
attributetype ( 1.3.6.1.4.1.13769.2.1.1
        NAME ( 'mozillaNickname' )
        SUP name )

# Boolean flag, at most one value per entry. No EQUALITY rule is declared,
# so equality filters on this attribute cannot be evaluated by the server.
attributetype ( 1.3.6.1.4.1.13769.2.1.2
        NAME ( 'mozillaUseHtmlMail' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
        SINGLE-VALUE )

# Additional e-mail address: IA5 string, case-insensitive matching.
attributetype ( 1.3.6.1.4.1.13769.2.1.3
        NAME 'mozillaSecondEmail'
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

# Home-address counterparts of the standard l / postalAddress / st /
# postalCode / c / co attributes follow.
attributetype ( 1.3.6.1.4.1.13769.2.1.4
        NAME 'mozillaHomeLocalityName'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

attributetype ( 1.3.6.1.4.1.13769.2.1.5
        NAME 'mozillaPostalAddress2'
        EQUALITY caseIgnoreListMatch
        SUBSTR caseIgnoreListSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 1.3.6.1.4.1.13769.2.1.6
        NAME 'mozillaHomePostalAddress2'
        EQUALITY caseIgnoreListMatch
        SUBSTR caseIgnoreListSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.41 )

attributetype ( 1.3.6.1.4.1.13769.2.1.7
        NAME ( 'mozillaHomeState' ) SUP name )

attributetype ( 1.3.6.1.4.1.13769.2.1.8
        NAME 'mozillaHomePostalCode'
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{40} )

# Derived from 'name' but restricted to a single value.
attributetype ( 1.3.6.1.4.1.13769.2.1.9
        NAME ( 'mozillaHomeCountryName' )
        SUP name SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.10
        NAME ( 'mozillaHomeFriendlyCountryName' )
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 )

# URLs are stored as plain IA5 strings; the schema does not validate URL form.
attributetype ( 1.3.6.1.4.1.13769.2.1.11
        NAME ( 'mozillaHomeUrl' )
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.13769.2.1.12
        NAME ( 'mozillaWorkUrl' )
        EQUALITY caseIgnoreIA5Match
        SUBSTR caseIgnoreIA5SubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

# Declared with the Telephone Number syntax and matching rules, although the
# DESC says it holds an instant-messenger identity.
attributetype ( 1.3.6.1.4.1.13769.2.1.13
        NAME ( 'nsAIMid' )
        DESC 'AOL Instant Messenger (AIM) Identity'
        EQUALITY telephoneNumberMatch
        SUBSTR telephoneNumberSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.50 )

attributetype ( 1.3.6.1.4.1.13769.2.1.14 NAME ( 'mozillaHomeStreet' )
        EQUALITY caseIgnoreMatch
        SUBSTR caseIgnoreSubstringsMatch
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{128} )

# Four free-form single-valued Directory String fields (OIDs .96 to .99).
# None declares a matching rule, so they can be stored and read back but
# not compared in search filters.
attributetype ( 1.3.6.1.4.1.13769.2.1.96
        NAME ( 'mozillaCustom1' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.97
        NAME ( 'mozillaCustom2' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.98
        NAME ( 'mozillaCustom3' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.13769.2.1.99
        NAME ( 'mozillaCustom4' )
        SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
        SINGLE-VALUE )

# mozillaOrgPerson is AUXILIARY and has no MUST attributes, only MAY. It can
# therefore be added to an existing entry without changing that entry's
# structural class chain and without forcing any attribute to be filled in.
# The MAY list mixes standard attributes (sn, cn, mail, telephoneNumber, ...)
# with the mozilla* / nsAIMid types defined in this schema file.
# NOTE(review): the list covers personal data (mail, phone numbers, home
# address). The schema only permits the attributes; who may read them is
# decided by the slapd access rules, which this page does not show. Confirm them.
objectclass ( 1.3.6.1.4.1.13769.2.2.1
        NAME 'mozillaOrgPerson'
        SUP top
        AUXILIARY
        MAY (
        sn $
        givenName $
        cn $
        displayName $
        mozillaNickname $
        title $
        telephoneNumber $
        facsimileTelephoneNumber $
        mobile $
        pager $
        homePhone $
        street $
        postalCode $
        mozillaPostalAddress2 $
        mozillaHomeStreet $
        mozillaHomePostalAddress2 $
        l $
        mozillaHomeLocalityName $
        st $
        mozillaHomeState $
        mozillaHomePostalCode $
        c $
        mozillaHomeCountryName $
        co $
        mozillaHomeFriendlyCountryName $
        ou $
        o $
        mail $
        mozillaSecondEmail $
        mozillaUseHtmlMail $
        nsAIMid $
        mozillaHomeUrl $
        mozillaWorkUrl $
        description $
        mozillaCustom1 $
        mozillaCustom2 $
        mozillaCustom3 $
        mozillaCustom4 ) )

FreeBSD

# Static slapd.conf setup: the new schema is pulled in with one more include
# line after the stock schemas, then slapd is restarted to load it.
[server:~] # cat /usr/local/etc/openldap/slapd.conf
...
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
# NOTE(review): this file lives under /root, unlike the stock schemas above.
# If slapd is started under an unprivileged account (TODO confirm how the rc
# script runs it), that account must be able to read the file, and /root is
# normally closed to it. Keeping the schema next to the others in
# /usr/local/etc/openldap/schema/ avoids running slapd as root or opening /root.
include         /root/mozillaorgperson.schema
...
[server:~] # /usr/local/etc/rc.d/slapd restart

Ubuntu

# cn=config setup: the schema is converted to LDIF with slapcat and then added
# to the running server. The .conf file below is used here only as input to
# slapcat -f; the listing order gives the new schema index {4} (core=0 ... inetorgperson=3).
root@server:~# cat mozillaorgperson.conf
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /root/mozillaorgperson.schema
# -f/-F converts the .conf into a cn=config tree under /tmp/; -n0 selects the
# config database and -s limits the dump to the mozillaorgperson schema entry.
# NOTE(review): this runs as root and writes to fixed, predictable names in the
# world-writable /tmp. A private directory (for example one made with
# `mktemp -d`) that is removed afterwards is the safer place for both the
# converted tree and the LDIF.
root@server:~# slapcat -f mozillaorgperson.conf -F /tmp/ -n0 -s "cn={4}mozillaorgperson,cn=schema,cn=config" > /tmp/cn=mozillaorgperson.ldif 

# The file content is not shown on this page. The trailing lines to delete are
# presumably the operational attributes slapcat emits (structuralObjectClass,
# entryUUID, creatorsName, createTimestamp, entryCSN, modifiersName,
# modifyTimestamp). TODO confirm before loading. Also check that the {4}
# index in dn:/cn: does not clash with a schema entry already on the server.
root@server:~# vim /tmp/cn=mozillaorgperson.ldif
!!! remove 5-7 last lines !!!

# -Y EXTERNAL over ldapi:/// authenticates by the local identity of the calling
# process on the UNIX socket, so no bind password is typed or stored here.
root@server:~# ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif # not needed on Ubuntu 12.04

root@server:~# ldapadd -Y EXTERNAL -H ldapi:/// -f /tmp/cn=mozillaorgperson.ldif

Заполнение адресной книги

# For each user the LDIF first attaches the auxiliary mozillaOrgPerson class
# and then adds a mail value, as two separate modify operations on the same DN.
server:~# cat addmail.ldif
dn: uid=user1,ou=users,dc=corpX,dc=un
changetype: modify
add: objectClass
objectClass: mozillaOrgPerson

dn: uid=user1,ou=users,dc=corpX,dc=un
changetype: modify
add: mail
mail: user1@gate.corpX.un

dn: uid=user2,ou=users,dc=corpX,dc=un
changetype: modify
add: objectClass
objectClass: mozillaOrgPerson

dn: uid=user2,ou=users,dc=corpX,dc=un
changetype: modify
add: mail
mail: user2@gate.corpX.un
# NOTE(review): -w puts the admin bind password on the command line, so it ends
# up in shell history and is visible in the process list while the command
# runs. -W (prompt) or -y <file> avoids that. -x is a simple bind: unless the
# connection is protected (StartTLS with -ZZ, ldaps://, or the local ldapi:///
# socket), the password is sent in clear text.
server# ldapmodify -x -D "cn=admin,dc=corpX,dc=un" -w secret -f addmail.ldif

# No -D is given, so this search is an anonymous simple bind. Its output shows
# what an unauthenticated client can read from the address book, which depends
# on the slapd access rules (not shown on this page).
# -h is deprecated in current OpenLDAP clients in favor of -H ldap://server.
server# ldapsearch -x -b"dc=corpX,dc=un" -h server "uid=user1"