Hi,
We currently used openldap as provided out of the box (binary) by Ubuntu
12.04 LTS.
We need to enable Outlook LDAP Addressook browsing when used with our
OpenLDAP current setup.
According to past posts on the OpenLDAP technical mailing list, there seems
to be two requirements:
- Add ORDERING caseIgnoreOrderingMatch in the definition of core schema
attribute CN (or Name)
- Enable LDAP Virtual List View (VLV - OID: 2.16.840.1.113730.3.4.9)
control and Server Side Control (SSS - OID: 1.2.840.113556.1.4.473) control
on the OpenLDAP server
### Modify (or extend, or replace) definition of core schema attribute
As per those posts below, it is possible to mofidy core schema attribute(s)
by updating source code and recompiling openldap.
http://www.openldap.org/cgi-bin/wilma_hiliter/openldap-technical/201001/m...
http://www.openldap.org/cgi-bin/wilma_hiliter/openldap-technical/201212/m...
Unfortunately this is not an option for us.
Is there other way(s) via a local schema or else to modify/extend
definition of OpenLDAP core attributes without modifying source code and
recompiling?
Via ldpamodify or via the creation of a module/overlay maybe that could be
loaded via openldap configuration file slapd.conf at startup?
The slapd.conf method would be our preference at the moment.
As last resort, if not technically possible via slapd.conf, would using the
OpenLDAP On-Line Configuration (OLC - cn=config - slapd.config) method
instead allow such extend/modification of core schema attributes?
If yes how?
We are aware that may render our ldapserver no longer fully RFC compliant,
but we need to be pragmatic here to provide an effective solution to
end-users.
We already use our own local LDAP schema definition anyway :-)
Thank in advance for your any help/enlightenment you could provide.
### VLV and SSS Control(s) have been enabled as follow
# Added the following in /etc/ldap/sldap.conf
(...)
moduleload sssvlv
overlay sssvlv
sssvlv-max 8
sssvlv-maxkeys 5
#sssvlv-maxperconn 5 <-- this option is not currently availabe in current
database backend version
(...)
# Restart ldap server
/etc/init.d/slapd restart
# Check
ldapsearch -x -b '' -s base '(ObjectClass=*)' + -D
"uid=richard,ou=people,dc=example,dc=com" -W
(...)
supportedControl: 2.16.840.1.113730.3.4.9 <-- LDAP Virtual List View (VLV)
supportedControl: 1.2.840.113556.1.4.473 <-- Server Side Control (SSS)
(...)
Regards,
Richard Leger