I've been messing with LDAP for the past couple of days, and following various online tutorials on how to create an addressbook for Thunderbird in openldap. Sure, this isn't too difficult, and I have it working as a proof of concept. I can use phpldapadmin to create new entries in my addressbook, and these will show up in Thunderbird's addressbook.
I've also spent the day reading most of the openldap admin guide (250 pages), which eventually I noticed is missing section E, where I'm sure something simple like this would appear.
However, now I want to organise the addresses into groups. E.g., say we have the following staff:
- John Smith works in the head office and is the CEO
- Ann Johnson works in the head office and is a general admin person
- Mary Brown works in the branch office and is the state manager
- Jane Martin works in the branch office and is a general admin person

I want everybody to be listed in a People group...
- I want all four people listed in a Staff group...
- I want John Smith and Mary Brown in a Managers group
- I want John Smith and Ann Johnson in a Head Office group
- I want Mary Brown and Jane Martin in a Branch Office group
So, I could do this like this:

dn: dc=example,dc=com
objectClass: top
objectClass: dcObject
objectClass: organization
o: My Organization
dc: example

dn: ou=People,dc=example,dc=com
objectClass: top
objectClass: organizationalUnit
ou: People
description: All the people

dn: ou=Staff,dc=example,dc=com
objectClass: organizationalUnit
objectClass: top
ou: Staff

dn: cn=John Smith+mail=jsmith@example.com,ou=People,dc=example,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: mozillaAbPersonAlpha
givenName: John
sn: Smith
cn: John Smith
mail: jsmith@example.com
etc for other people
Then I can configure the groups like this:
dn: cn=Managers,dc=example,dc=com
# the RDN value (Managers) must also be present as a cn value
cn: Managers
cn: Managers of example.com
objectclass: groupofNames
member: cn=John Smith+mail=jsmith@example.com,ou=People,dc=example,dc=com
member: cn=Mary Brown+mail=mbrown@example.com,ou=People,dc=example,dc=com
However, thunderbird doesn't seem to have any smart way to show this group... So, I thought, maybe I could duplicate the "People" and put complete addressbook records into the Managers ou, but then it complains that the same CN already exists, besides the fact that this just seems like a kludge, and not a very "nice" way to achieve this.
PS, the context is to try and replace MS Outlook with Mozilla Thunderbird. With email in IMAP4, that works well. I can share the calendar from thunderbird to iphones/android phones with http://calendarserver.org/. Now I'm just trying to resolve the "shared contacts" issue, which is currently solved by copying (at login) a pst file from a share to the local user's profile, and having that configured to open in outlook (add pst data file). I'd prefer to replace all that with ldap, since thunderbird supports ldap for an addressbook, and it would then update immediately (instead of after next login). Also, long term it would be useful to use ldap for other web based login authentication, squid proxy auth, and/or even windows authentication, but, one step/problem at a time.
Thank you for any advice or suggestions, or pointers to documentation.
Regards, Adam
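Added example, not part of the original post: a groupOfNames entry like the Managers group above stores only member DNs, so a client has to follow each DN to the person entry to get a name and address. The Python sketch below does that over constructed LDIF based on the post's entries; the "Gone Person" member is an invented stale reference, and comparing DNs by lower-casing is a simplifying assumption.

```python
# Constructed sample data modelled on the entries in the post.
LDIF = """\
dn: cn=John Smith+mail=jsmith@example.com,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: John Smith
sn: Smith
mail: jsmith@example.com

dn: cn=Mary Brown+mail=mbrown@example.com,ou=People,dc=example,dc=com
objectClass: inetOrgPerson
cn: Mary Brown
sn: Brown
mail: mbrown@example.com

dn: cn=Managers,dc=example,dc=com
objectClass: groupOfNames
cn: Managers
member: cn=John Smith+mail=jsmith@example.com,ou=People,dc=example,dc=com
member: cn=Mary Brown+mail=mbrown@example.com,ou=People,dc=example,dc=com
member: cn=Gone Person+mail=gone@example.com,ou=People,dc=example,dc=com
"""


def parse_ldif(text):
    """Parse simple LDIF (no base64, no folded lines) into {dn: {attr: [values]}}."""
    entries = {}
    for block in text.strip().split("\n\n"):
        attrs = {}
        for line in block.splitlines():
            if line.startswith("#") or not line.strip():
                continue
            key, _, value = line.partition(": ")
            attrs.setdefault(key.lower(), []).append(value)
        # Assumption: lower-casing is enough to compare the DNs used here.
        entries[attrs["dn"][0].lower()] = attrs
    return entries


def expand_group(entries, group_dn):
    """Return ([(cn, mail), ...], [member DNs with no matching entry])."""
    resolved, dangling = [], []
    for member_dn in entries[group_dn.lower()].get("member", []):
        person = entries.get(member_dn.lower())
        if person is None:
            # groupOfNames alone does not guarantee that a member DN exists.
            dangling.append(member_dn)
        else:
            resolved.append((person["cn"][0], person["mail"][0]))
    return resolved, dangling
```

Listing the dangling DNs matters once the same groups are reused for authentication decisions, because a stale member DN can later be recreated by someone else.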