Remote Domino LDAP Address Book

hi people..
we have sun java communication suite up and running. recently my boss has asked to incooperate domino address book in the sun java messaging server.
i have followed the steps in the Communication Suite Admin guide, adding an additional remote address book.
the steps i followed are -
1. edited defaultps.xml
2. edited personalstore.properties.. mentioned the LDAP url
3. created a new directory under config/corp-dir2 copied files from corp-dir directory
4. edited the dbconfig.properties and mention the ldap server
5. restarted the web container.
logged into uwc to check if it was reflected. could see the extra address book, but when searching.. it generated an sever error
"Your server is not configured properly or your search query has exceeded the limit. Please check server configuration"
any inputs from experts, where i must have gone wrong..
thanks
Bhanu Prasad
Edited by: prasad0_0 on Oct 10, 2007 6:33 AM

shane_hjorth wrote:
Is the LDAP query recorded as being successful (or occurring at all) from the domino server end?
If so did the search have an error, return a problem etc. That would be a good place to start debugging.hi shane,
thanks for the reply.
well the ldap query is been successful on the domino side as the logs confirm.
when querying all with the filter (objectclass=*) returns a successful entry from the domino side,
but is unable to display on the address book.
how ever the entry returned is for the user at the o level, and user in the ou level fails to return a value.
we are not sure how does uwc query the local ldap server and display the result for uwc.we figured there is a search.xml file involved, but not sure how uwc renders the search.
If not then you would need to turn up full debugging on UWC to see if there are any errors from that end.how do we turn on full debugging for UWC

Similar Messages

LDAP Address Book

I'm setting up OS X mail and it is working perfect. The only problem is I use Apple's Open Directory and I want squirrelmail to look at it over LDAP to pull the address book. I have that working but it only searchs the email name not the givenname or otherfields. So, if I search for "pzie" it finds "[email protected]", but I search for "Pat" and it returns no results even though "Pat" is set up as givenname in Open Directory. I found the file that controls this. /usr/share/squirrelmail/functions/abookldapserver.php I would like it to be able to search more than one field. Has anyone already come acrosse this problem and fixed it?

Originally Posted by mikebell90
On 2/25/2010 5:06 PM, brianbe2 wrote:
>
> Hello folks,
>
> Our company is a mixed bag of GroupWise 7, Lotus/Domino, MS Exchange,
> MS BPOS and Google Apps. We are trying to build a Global Address List
> for our company and are testing by trying to feed our GroupWise Address
> information via LDAP to our Domino/Lotus server and visa versa.
>
> We can query each others LDAP sources but are unable to find a method
> of pullin and pushing LDAP information between server automatically. ur
> thoughts are, it's just LDAP information, can't the two replicate to
> each other so our users will have up to date addresses and contact
> information?
>
> Hope someone finds this topic familiar and is able to assist.
>
> Thanks,
> Brian
>
>
Nope, that's a sadly simplistic view of LDAP. You can push and import
stuff, but it's not just automatic.
Thanks Mike,
Yes, I WAS trying to make it simple as an opener to this discussion, trying to avoid detail for times sake.
So, how can I push and import stuff?
We are using LDAPAdmin to query the selected LDAP databases and finding good stuff. It would seem that someone would have a connector for LDAP, perhaps source agnostic, that could match attributes from one system to another, in this case GroupWises attributes don't exactly line up to Notes. Google Apps has an LDAP database we can query as well, I'm sure BPOS (Microsofts answer to Google Apps) does also.
Can GroupWise import LDAP to assist in creating a GAL (Global Address List)?
Thanks again,
Brian

LDAP, Address Book and picture

Hi,
I have a Xserve on my network with LDAP, i use it for display all information user's in address book, but no picture !
I read many post on this forum about LDAP and picture user's in address book, likely this post :
http://discussions.apple.com/thread.jspa?messageID=3604435&#3604435
My question is : When i have a OS X client NOT in Open Directory, i can display picture in address book with LDAP configuration ?
If not use automount network library, can use another "values" for apple-user-picture ?
I try http link for picture in values field, don't work.
Any solution for "standard account" Macintosh ?
I hope my question is easy, thanks in advance !!
Xserve OS X Server Mac OS X (10.4.8)

OK problem resolved

SquirrelMail LDAP address book error

Hello all - over the weekend I upgraded my OD Master/LDAP server and my Mail server (two separate boxes) to v10.5.5 of OS X server, and now my users are reporting that they can no longer use our LDAP-integrated address book in SquirrelMail... I tried it myself just now and get this:
"Error initializing LDAP server password.myserver.com: [ServerName] Protocol error"
I didn't change the search base I had been using before (dc=password,dc=myserver,dc=com) on either the LDAP server or the Mail server, so I don't know what has happened here... I re-ran and checked the SquirrelMail config (conf.pl) and even removed the previous LDAP server entry and re-added the server, and tried changing the 'use Javascript' search (with both HTML and Java) but am still getting the same error.
I don't see anything pop up in the logs on either machine when I try to run the address book feature in squirrel mail and get that error.
Can anyone help me troubleshoot this?
Thank you
BC

Whee! I just figured this one out for us!
I had updated our SquirrelMail per the http://osx.topicdesk.com tutorial and couldn't get this to work.
What I finally was able to figure out was that I needed the right entries and not modify my slapd files on the directory master.
From terminal:
cd /usr/share/squirrelmail/config
./conf.pl
Pick option 6
Pick option 1
You type in "l" to list your entries, and you may want to delete what's there by putting in "- #" where # is the number of the entry from the list.
Press + to add a new entry
For Hostname: odmaster.stanwood.wednet.edu (replace with yours)
For Base DN: cn=Users,dc=odmaster,dc=stanwood,dc=wednet,dc=edu (replace the dc's with your info, keep Users, important part!!).
For Port: 389
The rest you can generally fill in except for when you get to protocol, that should be "3"
Hit "d" for done, "S" to save, "Q" to quit and then try out your settings!
Good luck!!
Oh and this did work for us even tho we are using SSL for TLS support for the clients on our directory master. It also only pulls up people with eMail addresses in the directory record, not all of our thousands of students who also happen to be in there.

LDAP, Address Book, Mail

Hi
I have an LDAP server functioning as a shared address book. I have configured addressbook and mail to use that server for contact searches.
My problem is that many contacts have multiple email addresses (home, office, etc.) and in LDAP these are stored as different instances of the 'mail' attribute. The 'mail' attribute must then be mapped somehow to the 'Email' attribute on Address Book. However, searching the directory in either address book or the 'to' field of Mail only gives me the first mail listed, and there's no way to show any others. It labels the first address as 'work' and doesn't give any more info.
Does anyone know how to get around this? I am new to LDAP so maybe you're not supposed to store multiple values for the same attribute?
Many thanks

Anyone know how to convince Apple to add this functionality?
I doubt Tiger's Mail will get many changes, if any, but...
Here's their Feedback page...
http://www.apple.com/feedback/
I don't exactly see Mail mentioned, so maybe this one...
But there is Mail under the Feedback Area dropdown menu here...
http://www.apple.com/feedback/macosx.html
Or is it perhaps present in Leopard/SL?
No LDAP to test here, but both Mail & AB are improved.

LDAP address book search slow

Hi,
I am using the LDAP server on Mac OS X Server 10.4 to store our corporate address book which is updated from a php based admin. The amount of contacts is around 700 now and searchs from Apple Addressbook are taking nearly 10 seconds. Is there a way of speeding this up hopefully to below 2 seconds?
I don't know much about LDAP and have been trying to reindex the database by stopping LDAP and runnign slapindex, but this doesn't seem to have made a difference.
Many Thanks
Tim Pearson
Grafika Ltd

I have solved my problem. I don't think the indexing was a problem. I was running on 10.4.3 and had a process called nano using my processor at 100%. I noticed this and upgraded to 10.4.6 server which has cured the problem and now the LDAP search is almost instant.
Regards
Tim Pearson
Grafika

Shared LDAP Address Book (again)

I've been reading some threads, including in the archives relating to sharing addresses - in particular http://discussions.apple.com/thread.jspa?messageID=661874
There's a walkthrough of setting this up by Aleksandor Nagy, followed by a post by Roberto Leon detailing the following error he's receiving:
ldapsasl_interactive_binds: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No credentials cache found)
I've followed this through and am getting the same error... Aleksandor or anybody else, any ideas why this may be? I'm using Server 10.4.5 which may possibly be the problem. The original thread has now been archived, hence the new post.
Any suggestions greatly appreciated!
Dual G5, OSX Server 10.4.5 Mac OS X (10.4.3)

Hi Jeff,
I was wondering if you could help me with troubleshooting phpLDAPadmin 0.9.8.2?
I need to connect REMOTELY from my laptop to my LDAP/OD Master server on our LAN running on a 10.3.9 Server. I've installed and tested PHP and Apache on my 10.4.6 laptop and both are running fine.
When I go to the following URL (below) on my laptop, the phpLDAPadmin page shows up fine, but I can't log in and I get the following error: Could not connect to "127.0.0.1" on port "389".
172.X.X.X/~myname/phpldapadmin/htdocs/index.php
I've modified the config.php file (path seen below) but phpLDAPadmin still tries to connect to MY laptop at 127.0.0.1
/Users/myname/Sites/phpldapadmin/config/config.php
Is the phpldapadmin config.php file actually located somewhere else on my laptop? Should I be modifying a DIFFERENT config.php file on my laptop? I've modified the settings in the config.php to point to the LDAP Server, but it still tries to connect to 127.0.0.1.
I'm stumped. Any ideas or help would be GREATLY appreciated?
Thanks, Bill

Add new remote address book

I am trying to add a new ldap address book in communications express
Can somebody help me with a sample to start with this.
The below is a sun document explaining basic steps for reference:
Currently I have personal address book and corporate directory shown in the drop down list. When we select the corporate directory all users for that hosted domain is listed correctly. And in PAB all contacts entered in outlook contacts is listed. Now we want to add new book that will point the root of ldap to list all users accross all hosted domian.
I hope this is possible. Thanks in advance
SUN DOC:
Corporate Address Book
For corporate and remote address books a corresponding xxx instance should exist in the personalstore.properties file. The value of db.xxx.urlmatch in personalstore.properties file should be assigned the value of bookremoteurl attribute present in defaultps.xml file.
To add a new remote address book, you need to add the following items:
Steps
Add a new book node in defaultps.xml file
Add a new xxx instance in personalstore.properties file.
Create a directory under WEB-INF/config to store the db_config.properties and xlate files.
Note �
The xlate files contains the field mappings between an LDAP schema and address book XML schema for a contact or group

I forgot to include the following details:
We are having V250 server with Solaris 9/04 SPARC with Java Entpr 2005Q1. Thanks in advance

Need to Create AD LDAP based Address Book

We need to Create AD LDAP based Address Book. Following is the scenario.
Our Existing Network
SMTP Domain Name1 is xyz.net hosted on O365 Exchange online with E3, E1 and KIOSK Plan for different users.
SMTP Domain Name2 is abc.com hosted on onpremise Linux box
Windows 2008R2 based AD Domain named abc.com
Linux POP users get central/global address list by using AD Domain for
abc.com LDAP address list
Solution required for
Exchange KIOSK user with POP connectivity need to have access to some Central/Global Address list for
xyz.net
We wish to
Setup a seperate domain joined or workgroup server and use the Windows AD LDAP/ADAM service to build a Address List for
xyz.net domain
we DO NOT wish to replicate AD LDAP Instance from our existing Domain Controller.
configure Exchange Kiosk pop users to use LDAP addres list by connecting it to the AD LDAP server.
We are looking for
steps to setup a ADLDAP/ADAM service on Win2008R2 or 2012 with a fresh AD LDAP Instance.
The step to create a Application Directory Partition
Populate the Application Directory Partition with users, groups, contact for the xyz.net domain either manually as well as by importing
allow users to be able to access this application directory partition on AD LDAP server and
allow the users to configure their pop email client [outlook 2010] to use the LDAP address book on the AD Ldap server

Hi,
Here i found some articles for you refering:
How Active Directory Application Mode Works
http://technet.microsoft.com/en-us/library/cc755705(WS.10).aspx
AD LDS Getting Started Step-by-Step Guide
http://technet.microsoft.com/en-us/library/cc770639(WS.10).aspx
Active Directory Lightweight Directory Services
http://technet.microsoft.com/en-us/library/cc731868%28WS.10%29.aspx
Active Directory Lightweight Directory Services Operations Guide
http://technet.microsoft.com/en-us/library/cc816635(WS.10).aspx
Thanks.

Secure LDAP for GWIA Address book

I've setup the GWIA 7.0.3 May 2009 code set and configured for Secure LDAP.
I'm using the same *.b64 and *.key files we use for all our POA and MTAs.
I cannot get the Novell LDAP address book to connect to 636.
Is there a document I can use to help me figure this out.
I can revert to 389 but that port is not open through the firewall.
Mike

POP and IMAP both work on secure port
>>>
From: jgrubbs<[email protected]>
To:novell.support.groupwise.7x.gwia
Date: 9/9/2009 6:36 PM
Subject: Re: Secure LDAP for GWIA Address book
Does POP3 work on the secure port?-- Jeff Grubbs
Novell Technical Support Engineer II
[email protected]-------------------------jgrubbs's Profile: http://forums.novell.com/member.php?userid=41638View this thread: http://forums.novell.com/showthread.php?t=385674

File Server, Mail Server & Address Book

Here's the structure in my company:
One OSX Server is running AFP & Windows services. This server has about 25 users. Another OSX Server is running Mail services and has about 31 users.
I am going to setup a shared Address Book to store and share our clients contact info, so I want to put them into one of the two OSX servers using LDAP. I am not sure if I should use the AFP server as the Directory Master.
The ultimate goal is to have one single Directory master for two OSX machines, 25 user account and a LDAP for about 300 clients info.
What's the best way to configure this? Thanks.

Welcome in the shared AB via Ldap world!
I made it, no-hassle, setting up the OD Master on our 'inner' OSX4.8 server, providing AFP & Windows services. The shared LDAP Address Book is activated on it, via the very nice piece of software 'ABXLdap' from j2anywhere.
The other 'outer' server is providing FTP and Mail services, and is bound via Directory Access to the 'inner' server to auth users from inside (192.168.X.X) and from outside (Internet). It's role is 'OD replica'.
You may found excellent ideas here: http://www.afp548.com/article.php?story=2006041917593768
best regards

Novell Groupwise Address Book is missing

Hi,
on one workstation I have the problem that the Novell Groupwise Address book does not show up.
If I try to go to Services in the File menu, the hour glass shows up for a second and thats it.
Everything else is working on this workstation.
It was working in the beginning, and I did no changes to this user or the system lately.
Thank you, Reinhard.

Originally Posted by mefay
Since one of my users had Office 2003 and was not using Outlook, I went to Control Panel->Add/Remove Programs, selected Microsoft Office 2003, and clicked on the Change button. Select the Add/Remove Features and check Outlook for removal. Without even rebooting, the user can see the Novell Address Book.
Just a note, I really thought there must be an easier or better way to solve this issue than uninstalling Outlook (not that I'm a "fan" of it, but I keep it for "testing" purposes and such).
I found that it was as simple as going in to Control Panel > Mail.
Click the "E-mail Accounts..." button.
Select the bottom radio button under Directory which is called "View or change existing directories or address books", then "Next >".
The list I saw was missing the Novell GroupWise Address Book, but still showed Novell LDAP Address Book and Novell Personal Address Book. I just clicked "Add...", selected "Additional Address Books", clicked "Next >".
At this point I got a list of available options, selected the Novell GroupWise Address Book and clicked "Next >".
The only other thing I found is that in my GroupWise Address Book, the order of the MAPI address books in the first list dictated the order of things in GroupWise. So I removed and re-added a couple different things to get just what I wanted.
Hope this can help someone.

Address Book write LDAP server command via terminal or remote desktop

Hi folks.
I was wondering if anyone has had any experience issuing an 'address book' setting command, to ADD an LDAP entry, via terminal or remote desktop?
In particular, I want to "ADD" a new "LDAP" entry for a specific server, on 40 workstations, using terminal or remote desktop, so that I don't have to leave my desk
I recall that you can issue commands from the terminal, starting with "write"... to add such preferences.
Any thoughts, ideas, or inspiration?
Many thanks,
Derek

Hi,
As far as I know, We couldn't use Command Shell as you list to establish a Remote Desktop. You can use
mstsc /? command to view all mstsc.exe command parameter. We can use the command
mstsc [<connection file>] to establish a Remote Desktop Connection.
However, why did you want use command shell to establish a Remote Desktop? It would be more convenient using
mstsc [<connection file>] command to establish a Remote Desktop.
If you need further assistance on this particular issue or any other Windows related issue, let us know and we will be glad to assist you.
Roger Lu
TechNet Community Support

Domino Address book from Java Mail API

Hi
How do we access the address book of a mail server (typically a Domino mail server in my case) using Java Mail API.
Any help will be greatly appreciated.
Thanks
RajT

Havent done this myself but I dont think the JavaMail api will do this as its focussed on providing mail functionality rather than directory access.
I believe you can access the Domino address book using LDAP. Not sure of the details, or if you need to config the domino server a particular way. The Java api that will help you do this is JNDI, though if your application is domino specific you may actually find it easier to avoid the LDAP approach and see what functioanlity the Notes java api provides in this area.
Check out this redbook:
http://publib-b.boulder.ibm.com/Redbooks.nsf/RedbookAbstracts/sg245986.html?Open

LDAP support limited. How to configure Address Book / Directory Access?

I complained to a sysadmin that my LDAP searches were returning very limited information (just surname and e-mail). He replied,
"...[Address Book] can't be configured to query specific attributes, it can't be configured to show specific attributes except for the small set they have elected to permit, ... it doesn't even show cn/commonName which is a compulsory field in the inetOrgPerson schema or ou/organizationalUnitName which is the standard way of distinguishing components of an organization..."
Directory Access seems to offer facilities for requesting specific attributes. I tried mapping them to Address Book fields, but with no improvement in the search results. Any tips?

Here is some info I found on manually configuring and mapping schemas.
Configuring LDAP Searches and Mappings
Using Directory Access, you can edit the mappings, search bases, and search scopes that specify how Mac OS X finds specific data items in an LDAP directory. You can edit these settings separately for each LDAP directory configuration listed in Directory Access. Each LDAP directory configuration specifies how Mac OS X accesses data in an LDAPv3 or LDAPv2 directory.
You can edit the mapping of each Mac OS X record type to one or more LDAP object classes.
For each record type, you can also edit the mapping of Mac OS X data types, or attributes, to LDAP attributes.
You can edit the LDAP search base and search scope that determine where Mac OS X looks for a particular Mac OS X record type in an LDAP directory.
IMPORTANT: When mapping Mac OS X user attributes to a read/write LDAP directory domain (an LDAP domain that is not read-only), the LDAP attribute mapped to RealName must not be the same as the first attribute in a list of LDAP attributes mapped to RecordName. For example, the cn attribute must not be the first attribute mapped to RecordName if cn is also mapped to RealName.
For detailed specifications of Mac OS X record types and attributes, refer to "Mac OS X Server Open Directory Administration for Version 10.4 or Later" (available at www.apple.com/server/documentation/).
In Directory Access, click Services.
If the lock icon is locked, click it and type the name and password of an administrator.
Select LDAPv3 in the list of services, then click Configure.
If the list of server configurations is hidden, click Show Options.
Select a server configuration in the list, then click Edit.
Click Search & Mappings.
Select the mappings that you want to use as a starting point, if any.
Click the "Access this LDAPv3 server using" pop-up menu and choose a mapping template to use its mappings as a starting point or choose Custom to begin with no predefined mappings.
Add record types and change their search bases as needed.
To add record types, click the Add button below the Record Types and Attributes list. In the sheet that appears, select Record Types, select one or more record types from the list, and then click OK.
To change the search base and search scope of a record type, select it in the Record Types and Attributes List. Then edit the "Search base" field. Select "all subtrees" to set the search scope to include the entire LDAP directory's hierarchy from the search base down. Select "first level only" to set the search scope to include only the search base and one level below it in the LDAP directory's hierarchy.
To remove a record type, select it in the Record Types and Attributes List and click Delete.
To add a mapping for a record type, select the record type in the Record Types and Attributes List. Then click the Add button below "Map to __ items in list" and enter the name of an object class from the LDAP directory. To add another LDAP object class, you can press Return and enter the name of the object class. Specify whether to use all or any of the listed LDAP object classes by using the pop-up menu above the list.
To change a mapping for a record type, select the record type in the Record Types and Attributes List. Then double-click the LDAP object class that you want to change in the "Map to __ items in list" and edit it. Specify whether to use all or any of the listed LDAP object classes by using the pop-up menu above the list.
To remove a mapping for a record type, select the record type in the Record Types and Attributes List. Then click the LDAP object class that you want to remove from the "Map to __ items in list" and click the Delete button below "Map to __ items in list."
Add attributes and change their mappings as needed.
To add attributes to a record type, select the record type in the Record Types and Attributes List. Then click the Add button below the Record Types and Attributes list. In the sheet that appears, select Attribute Types, select one or more attribute types, and then click OK.
To add a mapping for an attribute, select the attribute in the Record Types and Attributes List. Then click the Add button below "Map to __ items in list" and enter the name of an attribute from the LDAP directory. To add another LDAP attribute, you can press Return and enter the name of the attribute.
To change a mapping for an attribute, select the attribute in the Record Types and Attributes List. Then double-click the item that you want to change in the "Map to __ items in list" and edit the item name.
To remove a mapping for an attribute, select the attribute in the Record Types and Attributes List. Then click the item that you want to remove from the "Map to __ items in list" and click the Delete button below "Map to __ items in list."
To change the order of attributes displayed in the list on the right, drag the attributes up or down in the list.
Click Save Template if you want to save your mappings as a template.
Templates saved in the default location are listed in pop-up menus of LDAP mapping templates the next time the current user opens Directory Access. The default location for saved templates is in the current user's home folder at this path:
~/Library/Application Support/Directory Access/LDAPv3/Templates
Click Write to Server if you want to store the mappings in the LDAP directory so that it can supply them automatically to its clients.
You must enter a search base to store the mappings, a distinguished name of an administrator (for example, uid=diradmin,cn=users,dc=ods,dc=example,dc=com), and a password. If you are writing mappings to an Open Directory LDAP server, the correct search base is "cn=config, suffix" (where suffix is the server's search base suffix, such as "dc=ods,dc=example,dc=com").
The LDAP directory supplies its mappings to Mac OS X clients whose custom search policy includes a connection that's configured to get mappings from the LDAP server. The LDAP directory also supplies its mappings to all Mac OS X clients that have an automatic search policy. For instructions, see Configuring Access to an LDAP Directory and Setting Up Search Policies.

Remote Domino LDAP Address Book

Similar Messages

Maybe you are looking for