====== Работа с LDAP в Roundcube ======
FIXME
Решение успешно используется в [[roundcube:roundcube|]].
====== Адресная книга ======
Здесь приведен пример для работы со следующими адресными книгами:
* [[#Личные данные|Личные данные]]
* [[#Личные адреса|Личные адреса]]
* [[#Сотрудники|Сотрудники]]
* [[#Общее|Общее]]
Для начала нужно добавить схему [[openldap:openldap#inetorgperson|inetorgperson]]
===== Порядок подбора адреса =====
// Address books searched for recipient autocompletion, in the order listed.
// The ids refer to the $rcmail_config['ldap_public'][...] entries defined on this page.
$rcmail_config['autocomplete_addressbooks'] = array(
    'private',
    'company',
    'common',
);
===== Группы адресов =====
:!: В Roundcube группы создаются пустыми. Чтобы это работало, LDAP-сервер нужно настроить по следующему описанию: [[openldap:openldap#emptygroupofnames|Настройка LDAP сервера для работы с группами]].
===== Личные данные =====
Специальная адресная книга для изменения определенных полей личной записи пользователя.
|root|root=**dc=domain**
|!|
|`|users|users=**ou=users**
| |!|
| |`|user|user=uid=user1
// 'personal' book: a writable, single-entry view (scope 'base') of the user's own
// LDAP record, uid=%u,ou=users,dc=domain, so the user can edit their own fields.
//
// NOTE(review): with 'user_specific' => true and an empty 'bind_pass', Roundcube
// binds as the logged-in user with their mail password. No 'use_tls' is set here
// and the port is 389, so unless the host entry is an ldaps:// URI that password
// crosses the network unencrypted - enable STARTTLS or LDAPS outside a lab.
// NOTE(review): 'writable' => true only enables editing in the UI; which attributes
// a user may change on their own entry is decided by the directory ACLs - confirm
// self-write is limited to the attributes mapped below.
$rcmail_config['ldap_public']['personal'] = array(
    'name'                => '0 Личные данные',
    'hosts'               => array('ldap0'),
    'port'                => 389,
    'user_specific'       => true,
    'base_dn'             => 'uid=%u,ou=users,dc=domain',
    'bind_dn'             => 'uid=%u,ou=users,dc=domain',
    'bind_pass'           => '',
    'writable'            => true,
    // 'hidden' => true,
    // 'searchonly' => true,
    'LDAP_Object_Classes' => array('inetOrgPerson'),
    'LDAP_rdn'            => 'cn',
    'required_fields'     => array('cn', 'sn'),
    'search_fields'       => array('cn', 'mail'),
    // Roundcube contact field => LDAP attribute (":*" allows several values).
    'fieldmap'            => array(
        'name'             => 'cn',
        'firstname'        => 'givenName',
        'surname'          => 'sn',
        'jobtitle'         => 'title',
        'businessCategory' => 'businessCategory',
        'email'            => 'mail:*',
        'phone:work'       => 'telephoneNumber',
        'phone:mobile'     => 'mobile',
        'phone:home'       => 'homePhone',
        'phone:workfax'    => 'facsimileTelephoneNumber',
        'street'           => 'street',
        'zipcode'          => 'postalCode',
        'region'           => 'st',
        'locality'         => 'l',
        'country'          => 'c',
        'organization'     => 'o',
        'department'       => 'businessCategory',
        'notes'            => 'description',
    ),
    // 'base' restricts the book to the base_dn entry itself.
    'scope'               => 'base',
);
===== Личные адреса =====
Личная адресная книга.
|root|root=**dc=domain**
|!|
|`|users|users=**ou=users**
| |!|
| |)|user|user=**uid=user1**
| |!|!|
| |!|!|
| |!|)|address|address=cn=address1
| |!|!|
| |!|`|group|group=cn=group1
| |!|
| |`|user|user=**uid=user2**
| | |!|
| | |!|
| | |)|address|address=cn=address1
| | |!|
| | |`|group|group=cn=group1
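// 'private' book: each user's own contacts and groups, stored directly below the
// user's entry (uid=%u,ou=users,dc=domain) and listed one level deep (scope 'list').
//
// NOTE(review): with 'user_specific' => true and an empty 'bind_pass', Roundcube
// binds as the logged-in user with their mail password. No 'use_tls' is set here
// and the port is 389, so unless the host entry is an ldaps:// URI that password
// crosses the network unencrypted - enable STARTTLS or LDAPS outside a lab.
$rcmail_config['ldap_public']['private'] = array(
    'name'                => '1 Личные адреса',
    'hosts'               => array('ldap0'),
    'port'                => 389,
    'user_specific'       => true,
    'base_dn'             => 'uid=%u,ou=users,dc=domain',
    'bind_dn'             => 'uid=%u,ou=users,dc=domain',
    'bind_pass'           => '',
    'writable'            => true,
    'LDAP_Object_Classes' => array('inetOrgPerson'),
    'LDAP_rdn'            => 'cn',
    'required_fields'     => array('cn', 'sn'),
    'search_fields'       => array('cn', 'mail'),
    // Roundcube contact field => LDAP attribute (":*" allows several values).
    'fieldmap'            => array(
        'name'             => 'cn',
        'firstname'        => 'givenName',
        'surname'          => 'sn',
        'jobtitle'         => 'title',
        'businessCategory' => 'businessCategory',
        'email'            => 'mail:*',
        'phone:work'       => 'telephoneNumber',
        'phone:mobile'     => 'mobile',
        'phone:home'       => 'homePhone',
        'phone:workfax'    => 'facsimileTelephoneNumber',
        'street'           => 'street',
        'zipcode'          => 'postalCode',
        'region'           => 'st',
        'locality'         => 'l',
        'country'          => 'c',
        'organization'     => 'o',
        'department'       => 'businessCategory',
        'notes'            => 'description',
    ),
    'sub_fields'          => array(),
    'sort'                => 'cn',
    'scope'               => 'list',
    // The array used to define 'filter' twice; PHP keeps only the last value, so
    // '(objectClass=inetOrgPerson)' never took effect. Only the effective filter
    // is kept here.
    'filter'              => '(&(|(objectClass=person)(|(objectClass=nisMailAlias))) )',
    'fuzzy_search'        => true,
    'vlv'                 => false,
    'numsub_filter'       => '(objectClass=organizationalUnit)',
    'sizelimit'           => '0',
    'timelimit'           => '0',
    // Was `true|false`: that is a bitwise OR which evaluates to 1, i.e. referral
    // following was switched on by accident. Following referrals lets a directory
    // response steer the client to other servers, so it stays off unless the
    // deployment needs it.
    'referrals'           => false,
    // Contact groups live in the same per-user subtree as the contacts.
    'groups'              => array(
        'required_fields' => array('cn', 'sn'),
        'base_dn'         => 'uid=%u,ou=users,dc=domain',
        'bind_dn'         => 'uid=%u,ou=users,dc=domain',
        'bind_pass'       => '',
        'writable'        => true,
        'scope'           => 'sub',
        'filter'          => '(objectClass=groupOfNames)',
        'object_classes'  => array('top', 'groupOfNames'),
        'member_attr'     => 'member',
        'name_attr'       => 'cn',
        'email_attr'      => 'mail',
        'member_filter'   => '(objectclass=*)',
        'vlv'             => false,
    ),
);

// Use LDAP as the backend for the primary address book. Written to the same
// array as every other setting on this page: mixing $config and $rcmail_config
// in one file can leave one set of options unread, depending on the Roundcube
// version - use whichever name your config file already uses, consistently.
$rcmail_config['address_book_type'] = 'ldap';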
===== Сотрудники =====
Адреса пользователей домена (сотрудников организации).
|root|root=**dc=domain**
|!|
|`|users|users=**ou=users**
| |!|
| |)|user|user=uid=user1
| |!|
| |)|user|user=uid=user2
| |!|
| |`|user|user=uid=user3
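// 'company' book: read-only directory of the domain's users (ou=users,dc=domain),
// shared by every webmail user.
//
// NOTE(review): 'bind_dn' is empty, so lookups are anonymous; the directory ACLs
// must therefore expose only the attributes in 'fieldmap' to anonymous readers.
// NOTE(review): 'use_tls' => false on port 389 means directory traffic is not
// encrypted - enable STARTTLS or LDAPS outside a lab.
$rcmail_config['ldap_public']['company'] = array(
    'name'              => '2 Сотрудники',
    'hosts'             => array('ldap'),
    'port'              => 389,
    'use_tls'           => false,
    // Was `'ldap_version' > 3` - a comparison, not a key/value pair - so the
    // option was never set and a stray boolean element was appended instead.
    'ldap_version'      => 3,
    'network_timeout'   => 10,
    'user_specific'     => false,
    'base_dn'           => 'ou=users,dc=domain',
    'bind_dn'           => '',
    'bind_pass'         => '',
    'search_base_dn'    => '',
    'search_filter'     => '',
    'search_bind_dn'    => '',
    'search_bind_pw'    => '',
    'search_dn_default' => '',
    'auth_cid'          => '',
    'auth_method'       => '',
    'hidden'            => false,
    'searchonly'        => false,
    'writable'          => false,
    'search_fields'     => array('cn', 'mail'),
    // Roundcube contact field => LDAP attribute (":*" allows several values).
    'fieldmap'          => array(
        'name'            => 'cn',
        // 'surname' => 'sn',
        // 'firstname' => 'givenName',
        // 'jobtitle' => 'title',
        'email:Основной'  => 'maildrop:*',
        'email:Дополнит.' => 'mail:*',
        // 'email:Псевдоним' => 'rfc822MailMember:*',
        'phone:home'      => 'homePhone',
        'phone:work'      => 'telephoneNumber',
        // 'phone:workfax' => 'facsimileTelephoneNumber',
        'phone:mobile'    => 'mobile',
        'phone:pager'     => 'pager',
        'street'          => 'street',
        'zipcode'         => 'postalCode',
        'region'          => 'st',
        'locality'        => 'l',
        'country'         => 'c',
        'organization'    => 'o',
        'department'      => 'ou',
        'jobtitle'        => 'title',
        'notes'           => 'description',
    ),
    'sub_fields'        => array(),
    'sort'              => 'cn',
    'scope'             => 'sub',
    // The array used to define 'filter' twice; PHP keeps only the last value, so
    // '(objectClass=inetOrgPerson)' never took effect. Only the effective filter
    // is kept here; it hides entries whose 'l' attribute is "disabled".
    'filter'            => '(& (!(l=disabled)) (|(objectClass=mailUser)) )',
    'fuzzy_search'      => true,
    'vlv'               => false,
    'numsub_filter'     => '(objectClass=organizationalUnit)',
    'sizelimit'         => '0',
    'timelimit'         => '0',
    // Was `true|false`: that is a bitwise OR which evaluates to 1, i.e. referral
    // following was switched on by accident. Following referrals lets a directory
    // response steer the client to other servers, so it stays off unless the
    // deployment needs it.
    'referrals'         => false,
    // Mail groups are read from a separate subtree, ou=groups,dc=domain.
    'groups'            => array(
        'required_fields' => array('cn', 'sn'),
        'base_dn'         => 'ou=groups,dc=domain',
        // NOTE(review): this is the groups container DN, not an account DN -
        // confirm it is intended as a bind identity.
        'bind_dn'         => 'ou=groups,dc=domain',
        'bind_pass'       => '',
        'writable'        => false,
        'scope'           => 'sub',
        'filter'          => '(objectClass=mailGroup)',
        'object_classes'  => array('top', 'mailGroup'),
        'member_attr'     => 'member',
        'name_attr'       => 'description',
        'email_attr'      => 'mail',
        'member_filter'   => '(objectclass=*)',
        'vlv'             => false,
    ),
);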
===== Общее =====
Общая адресная книга.
|root|root=**dc=domain**
|!|
|`|users|users=**ou=addressbook**
| |!|
| |)|address|address=cn=address1
| |!| |
| |)|address|address=cn=address2
| |!| |
| |)|address|address=cn=address3
| |!|
| |)|group|group=cn=group1
| |!| |
| |)|group|group=cn=group2
| |!| |
| |`|group|group=cn=group3
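// 'common' book: one shared, writable address book under ou=addressbook,dc=domain,
// accessed by every webmail user through a single service account.
//
// NOTE(review): 'bind_pass' is a placeholder. The real secret sits in this file in
// clear text, so keep the file readable only by the web server user and out of
// version control.
// NOTE(review): because all users write through cn=addressbook,dc=domain, the
// directory cannot tell them apart - limit that account's ACL to the
// ou=addressbook subtree.
// NOTE(review): 'use_tls' => false on port 389 sends the service-account bind
// unencrypted - enable STARTTLS or LDAPS outside a lab.
$rcmail_config['ldap_public']['common'] = array(
    'name'                => '3 Общие',
    'hosts'               => array('ldap0'),
    'port'                => 389,
    'use_tls'             => false,
    'ldap_version'        => 3,
    'network_timeout'     => 10,
    'user_specific'       => false,
    'base_dn'             => 'ou=addressbook,dc=domain',
    'bind_dn'             => 'cn=addressbook,dc=domain',
    'bind_pass'           => 'PASSWORD',
    'search_base_dn'      => '',
    'search_filter'       => '',
    'search_bind_dn'      => '',
    'search_bind_pw'      => '',
    'search_dn_default'   => '',
    'auth_cid'            => '',
    'auth_method'         => '',
    'hidden'              => false,
    'searchonly'          => false,
    'writable'            => true,
    'LDAP_Object_Classes' => array('inetOrgPerson'),
    'LDAP_rdn'            => 'cn',
    'required_fields'     => array('cn', 'sn'),
    'search_fields'       => array('cn', 'mail'),
    // Roundcube contact field => LDAP attribute (":*" allows several values).
    'fieldmap'            => array(
        'name'             => 'cn',
        'firstname'        => 'givenName',
        'surname'          => 'sn',
        'jobtitle'         => 'title',
        'businessCategory' => 'businessCategory',
        'email'            => 'mail:*',
        'phone:work'       => 'telephoneNumber',
        'phone:workfax'    => 'facsimileTelephoneNumber',
        'phone:mobile'     => 'mobile',
        'phone:home'       => 'homePhone',
        'street'           => 'street',
        'zipcode'          => 'postalCode',
        'region'           => 'st',
        'locality'         => 'l',
        'country'          => 'c',
        'organization'     => 'o',
        'department'       => 'businessCategory',
        'notes'            => 'description',
    ),
    'sub_fields'          => array(),
    'sort'                => 'cn',
    'scope'               => 'sub',
    // The array used to define 'filter' twice; PHP keeps only the last value, so
    // '(objectClass=inetOrgPerson)' never took effect. Only the effective filter
    // is kept here.
    'filter'              => '(&(|(objectClass=person)(|(objectClass=nisMailAlias))) )',
    'fuzzy_search'        => true,
    'vlv'                 => false,
    'numsub_filter'       => '(objectClass=organizationalUnit)',
    'sizelimit'           => '0',
    'timelimit'           => '0',
    // Was `true|false`: that is a bitwise OR which evaluates to 1, i.e. referral
    // following was switched on by accident. Following referrals lets a directory
    // response steer the client to other servers, so it stays off unless the
    // deployment needs it.
    'referrals'           => false,
    // Groups are stored in the same subtree as the shared contacts.
    'groups'              => array(
        'base_dn'           => 'ou=addressbook,dc=domain',
        'scope'             => 'sub',
        'filter'            => '(objectClass=groupOfNames)',
        'object_classes'    => array('top', 'groupOfNames'),
        'member_attr'       => 'member',
        'name_attr'         => 'cn',
        'email_attr'        => 'mail',
        'member_filter'     => '(objectclass=*)',
        'vlv'               => false,
        // Member attribute to read for each group object class.
        'class_member_attr' => array(
            'groupofnames'       => 'member',
            'groupofuniquenames' => 'uniquemember',
        ),
    ),
);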
====== Ссылки ======
[[https://github.com/roundcube/roundcubemail/wiki/Configuration:-LDAP-Address-Books|Configuration: LDAP Address Books]]
{{tag>email LDAP}}