From: the_olo <ale...@gm...> - 2006-02-22 20:58:45
|
Hi! The current implementation of LDAP connectivity in eGroupWare Addressbook= is somewhat strange. In most cases, the LDAP directory is used for holding user accounts AND a= s an addressbook, where each account is an addressbook containing e-mail aliases and telephone numbers of that person. This way, one database is used for two purposes. eGroupWare expects LDAP to be constructed completely differently for Addressbook. While it can happily authenticate users against LDAP, it cannot use their LDAP objects as global address book entries, to get their e-mail addresse= s and telephone numbers. Instead, it provides a not very useful option of holding each user's priv= ate contacts in a separate LDAP tree (it even checks if the authentication tr= ee and Addressbook tree are rooted in different places!), requiring WRITE access by eGroupWare to the LDAP database! The most typical configuration would be to use LDAP for a read-only, publ= ic, global address book that holds an organization's members' contact data fo= r use by all the other members of this organization. This read-only LDAP book should just an addition to writable, private contacts of each user. |