[Kolab-devel] Kolab and Novell eDirectory, Active Directory, Generic LDAP

Dieter Kluenter dieter at dkluenter.de
Tue Oct 7 21:54:51 CEST 2003


Stephan Buys <list at codefusion.co.za> writes:

> Great. Answers below.
> As far as I see it the major technical hurdles are:
> 1) Getting the Kolab schema into the directory. Martin - are the kolab servers'
> OIDs registered with the IANA? Luckily Active Directory 2003 support the 
> inetOrgPerson objectclass, which is what is used in Kolab.

just do a ldapsearch -h your.ad.server:389 -b \
"cn=schema,cn=configuration,dc=your,dc=base" \
-x -D "cn=your name,cn=users,dc=your,dc=base" \
-w secret objectclass=* | less

to find out the schema design :-)
> 2) Detecting changes in the Directory. At the moment the Kolab daemon listens
> on the LDAP replication port to detect changes in the directory. We are only
> beginning our investigations into Active Directory, but this will be important for
> eDirectory as well. You want to avoid a polling scheme as far as
> possible.

AD supports the pull philosopy instead of push, as slurpd does. (but
OpenLDAP 2.2 will support pull as well with syncrepl)

>  - Major events include:
> 	- Addition of users
> 	- Deletion of users (at the moment the Kolab backend checkes for a
> 	DELETED attribute, after which it deletes the Imap mailbox and deletes 
> 	the directory object)
> 	- Modification of user object (specifically the userquota
> 	  attribute)

As one can extract the relevant attributes from AD, a perl script
could handle ldap operations.


Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de

More information about the devel mailing list