I'm running SquirrelMail 1.4.3a with Apache 1.3.29 and PHP 4.3.4. The
plugins abook_take, listcommands, message_details, and squirrelspell are
enabled. SM connects to a uw-imap server on the same host. All of that
software comes from Debian/Sarge. I've just moved Unix user management
into Active Directory using libnss-ldap (aka PADL nss_ldap) and the
POSIX-like schema from MS Services for Unix. I have a special user account
for reading LDAP data.
The computers are generally happy with the setup, and SquirrelMail works
fine for reading and sending mail. The problem comes with using the address
book to search an Active Directory-based LDAP. I have two LDAP services
configured in SquirrelMail:
// University's Lotus-based LDAP
$ldap_server[0] = array(
'host' => '*omitted*',
'base' => 'o=AmericanU',
'name' => 'American University'
);
// Deparment's Active Directory-based LDAP
$ldap_server[1] = array(
'host' => '*omitted*',
'base' => 'DC=2k,DC=csis,DC=american,DC=edu',
'name' => 'CAP Internal Services',
'binddn' => '*omitted*',
'bindpw' => '*omitted*',
'protocol' => 3
);
Searches on the first one work flawlessly. When searching the second one,
the addressbook gives this vague message:
Your search failed with the following error(s):
[CAP Internal Services] Operations error
My settings for 'CAP Internal Services' were initially copied from my
working configuration of libnss-ldap. I have also tried a number of
variations:
* For 'host', tried a Win2000-based server and a Win2003-based server.
* For 'binddn', tried the proper dn 'CN=user...DC=edu' and the
not-so-proper '[EMAIL PROTECTED]'
* For 'protocol', tried '2' and '3', and tried omitting the parameter.
To ensure that config.php is reloaded after I make a change, I modify the
'name' field, close the search window, reopen the search tool, verify that
the new name is used, and repeat my search.
I'm not sure that I've tried every possible permutation of those settings.
But, for each permutation that failed with SquirrelMail, I also did a
successful test with ldapsearch, e.g.
ldapsearch -h '*omitted*' -b 'DC=2k,DC=csis,DC=american,DC=edu' \
-D '*omitted*' -w '*omitted*' -xP3 sn=Otten mail
To factor out typos, I use cut and paste to construct the command line.
The only wiki page which seems to discuss AD is
http://www.squirrelmail.org/wiki/en_US/SquirrelMailWithExchangeFAQ
The patches/comments seem to enable authenticated searching. The current
code looks like it already has the same functionality. (I haven't tried
any debugging b/c I have no PHP experience.)
I've glanced through a dozen pages of the -user archives, and haven't
found any help. There doesn't seem to be an option for searching the
archives.
So. Has anyone had success searching AD from SquirrelMail? Was your setup
similar?
Thanks for at least reading,
Tim
-------------------------------------------------------
This SF.Net email is sponsored by BEA Weblogic Workshop
FREE Java Enterprise J2EE developer tools!
Get your free copy of BEA WebLogic Workshop 8.1 today.
http://ads.osdn.com/?ad_id=4721&alloc_id=10040&op=click
--
squirrelmail-users mailing list
List Address: [EMAIL PROTECTED]
List Archives: http://sourceforge.net/mailarchive/forum.php?forum_id=2995
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
