Below is a high-level summary of the main user-visible features/changes in each release. For full details, see commit history under the project's "code" tab.
Several support tickets for previous versions were resolved by explaining how to call internal schema modification functions to achieve specific effects. These functions are now documented in the manual and available officially, however the function names differ from previous versions.
old function names (0.41 and earlier)
$ldap_server->modify_attribute_schema() $ldap_server->modify_object_schema()
new function names (0.42 and later):
$ldap_server->modify_attribute_class() $ldap_server->modify_object_class()
This version introduces the ability to configure which columns/attributes are displayed when listing records on a per-location basis. A location of is used to specify the default layout, which is also used when listing search results.
Old notation:
$ldap_server->set_display_columns( array( array("caption"=>"Name", "attrib"=>"sortableName", "link_type"=>"object"), array("caption"=>"E-Mail", "attrib"=>"mail", "link_type"=>"mailto"), array("caption"=>"Company Web Site", "attrib"=>"wWWHomePage", "link_type"=>"url"), array("caption"=>"Office Phone", "attrib"=>"telephoneNumber", "link_type"=>"phone_number"), array("caption"=>"Mobile Phone", "attrib"=>"mobile", "link_type"=>"phone_number") ) );
The following examples show how to configure column layouts for different locations. (When listing the contents of the "Friends and Family" OU, "Company Web Site" will be removed and "Home Phone" will be shown instead "Office Phone".)
$ldap_server->set_display_columns("*", // location to which the layout applies, or "*" for default/all array( array("caption"=>"Name", "attrib"=>"sortableName", "link_type"=>"object"), array("caption"=>"E-Mail", "attrib"=>"mail", "link_type"=>"mailto"), array("caption"=>"Company Web Site", "attrib"=>"wWWHomePage", "link_type"=>"url"), array("caption"=>"Office Phone", "attrib"=>"telephoneNumber", "link_type"=>"phone_number"), array("caption"=>"Mobile Phone", "attrib"=>"mobile", "link_type"=>"phone_number") ) ); $ldap_server3->set_display_columns("OU=Friends and Family,DC=example,DC=org", array( array("caption"=>"Name", "attrib"=>"sortableName", "link_type"=>"object"), array("caption"=>"E-Mail", "attrib"=>"mail", "link_type"=>"mailto"), array("caption"=>"Home Phone", "attrib"=>"homePhone", "link_type"=>"phone_number"), array("caption"=>"Mobile Phone", "attrib"=>"mobile", "link_type"=>"phone_number") ) );
In this version, the Address Book's base DN is configured as part of the LDAP server connection, rather than with a separate global setting.
Old format:
$ldap_server = new ldap_server( "ad", // LDAP server type "dc1.turnersoft.co.uk", // host name/IP address/URL 389 // port number ); // later in config file $ldap_base_dn = "OU=Home,DC=turnersoft,DC=co,DC=uk";
New format:
$ldap_server = new ldap_server( "ad", // LDAP server type "OU=Home,DC=turnersoft,DC=co,DC=uk", // DN of address book "dc1.turnersoft.co.uk", // host name/IP address/URL 389 // port number );
The user setting "display_all_records_by_default" has been removed. In its place, the "front_page_search_filter" setting can be used to define a subtree search filter that should be used instead of displaying the opening page.
This version changes the notation used to configure parts of a record's display layout to be hidden except whilst the record is being edited.
Old notation:
$ldap_server->add_display_layout("inetOrgPerson,user,contact",array( array("section_name"=>"Personal", "attributes"=>array( array("givenName", "Given Name", "contact24.png",true), array("sn", "Surname", "contact24.png",true), array("cn", "Full Name", "contact24.png",true), array("displayName", "Preferred Name", "contact24.png"), array("telephoneNumber", "Office Phone", "landline-phone.png"), array("mail", "E-mail", "mail.png") ) );
The "true" at the end of the first three attributes may be thought of
as "hide this item unless editing". In version 0.34 of the address book
this has been replaced by the "allow_view" setting:
$ldap_server->add_display_layout("inetOrgPerson,user,contact",array( array("section_name"=>"Personal", "attributes"=>array( array("givenName", "Given Name", "contact24.png","allow_view"=>false), array("sn", "Surname", "contact24.png","allow_view"=>false), array("cn", "Full Name", "contact24.png","allow_view"=>false), array("displayName", "Preferred Name", "contact24.png"), array("telephoneNumber", "Office Phone", "landline-phone.png"), array("mail", "E-mail", "mail.png") ) );
Existing config files will need to be updated to use the new notation.
The new "allow_edit" attribute setting can be set to false to create a read-only attribute. The following example will create a simple display layout where users can edit their phone numbers and e-mail addresses but not change their names:
$ldap_server->add_display_layout("inetOrgPerson,user,contact",array( array("section_name"=>"Personal", "attributes"=>array( array("cn", "Full Name", "contact24.png","allow_edit"=>false), array("telephoneNumber", "Office Phone", "landline-phone.png"), array("mail", "E-mail", "mail.png") ) );
This layout could be used in combination with the "allow_edit_self" user permission to create a "self-service" address book where users are allowed to update their own phone numbers and e-mail addresses.
This version introduces significant changes to how users and permissions are managed. Future versions will build on these changes, e.g. with per-attribute editing permissions and "self-service" editing. The following notes explain how the configuration syntax differs from previous versions. See the User Guide for a more complete description of the new functionality.
Anonymous access to the address book is now configured as follows:
$ldap_server->add_user("__ANONYMOUS__", array( "ldap_dn"=>"cn=ldap-browe,cn=Users,dc=example,dc=org", "ldap_password"=>"anon-user-password", // Permissions granted to anonymous users: "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true ));
The user's DN and password should be specified using the "ldap_dn" and "ldap_password" settings. The old $ldap_default_user and $ldap_default_password settings are no longer used.
In previous versions the default permissions assigned to logged-in users were specified like this:
$ldap_server->add_user_mapping("__DEFAULT__", "cn=__USERNAME__,cn=Users,dc=example,dc=org", array( "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true, "allow_export"=>true, "allow_export_bulk"=>true ));
The new syntax in version 0.24 is:
$ldap_server->add_user("__DEFAULT__", array( "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true, "allow_export"=>true ));
The template for the user's DN is no longer needed, and users can be located anywhere in the directory (rather than in a single fixed OU). Users' DNs are looked up using a special account, which should have read-only access to search the directory. The account's DN and password are specified as follows:
$ldap_server->dn_search_user = "cn=ldap-search,cn=Users,dc=example,dc=org"; $ldap_server->dn_search_password = "password";
A template for the user's DN can be specified using the ldap_dn setting (if you still wish to use it), for example:
$ldap_server->add_user("__DEFAULT__", array( "ldap_dn"=>"cn=__USERNAME__,cn=Users,dc=example,dc=org", "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true, "allow_export"=>true ));
Active Directory users can specify a User Principal Name (UPN) for the ldap_dn setting. The corresponding DN will be looked up when the user logs in:
$ldap_server->add_user("__DEFAULT__", array( "ldap_dn"=>"__USERNAME__@example.org", "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true, "allow_export"=>true ));
This version adds a number of new config settings for controlling show dates and times are displayed. Default values will be assumed for older config files that do not include these settings.
The configuration syntax for specifying the display layout has changed in this version so that different types of objects can use different layouts.
Old syntax:
$entry_layout = array( ... );
where the array describes the attributes that appear in records. Replacement syntax is:
$ldap_server->add_display_layout("*",array( ... );
where the contents of the array are the same as before. The * indicates that this layout should be used for all classes of record. The * can be replaced by a name of a class, for example you could create a layout for "groupOfNames" objects which lists the group members.
This version introduces two changes to the configuration syntax. The syntax for specifying an LDAP connection used to be:
$ldap_server_type = "ad"; $ldap_link = ldap_connect("ldap.example.org",389);
This changes to:
$ldap_server = new ldap_server( "ad", // LDAP server type "ldap.example.org", // host name/IP address/URL 389 // port number );
The port number can be missed out if the default LDAP server port (389) is being used.
The second change is to how permissions are configured. The old way was to populate an array of "user mapping" information. In this version each user map entry is specified via a self-contained command, for example:
$ldap_server->add_user_mapping("__DEFAULT__", "__USERNAME__@example.org", array( "allow_browse"=>true, "allow_search"=>true, "allow_view"=>true, "allow_export"=>true, "allow_export_bulk"=>true ));
In contrast to the old syntax:
User map entries can appear in the configuration file in any order.
Permissions which are not granted don't need to be specified.
The mapping entry for __ANONYMOUS__ can be removed completely if anonymous access to your address book isn't allowed.
The new configuration syntax is explained further in the manual.
It should be possible to continue using config files from older versions (back to 0.10) with this release. The user/admin guide explains any additional settings to enable new features.
Some CSS/DOM elements have changed in this version. Custom stylesheets (in file styles_local.css, where used) may need minor changes in order to work as before.
The "Configuring users and permissions" section of the user/admin guide explains how to enable access to the new read/write functionality. The config format is otherwise unchanged since version 0.10.
Config changes needed when upgrading from 0.09:
Attribute names in $ldap_base_dn need to use the same case as the LDAP directory itself. (e.g. where "dc=Something" was previously accepted, this might need changing to "DC=Something").