Egroupware : hide private contacts in LDAP

Posted by Antonin AMAND Mon, 28 Aug 2006 14:47:00 GMT

Egroupware can store contacts from address book in an LDAP server. So, it is possible to access address book from a Mail client that supports LDAP.

The problem is that users would see any contact, even if it is private.

To prevent this from happening you can add this in slapd.conf :

access to dn.sub="ou=contacts,dc=example,dc=com"
        filter="(&(objectClass=phpgwContact)(phpgwContactAccess=private))"
        by dn="cn=admin,dc=example,dc=com" write
        by * none

access to dn.sub="ou=contacts,dc=example,dc=com"
        by dn="cn=admin,dc=example,dc=com" write
        by * read

Remember to add this before :

access to *
        by dn="cn=admin,dc=example,dc=com" write
        by * read

Posted in Server Administration, Debian, Unix, Linux
Tags egroupware, ldap
Meta no trackbacks, no comments, permalink, rss, atom

Trackbacks

Use the following link to trackback from your own site:
http://blog.gwikzone.org/trackbacks?article_id=egroupware-hide-private-contacts-in-ldap&day=28&month=08&year=2006

Comments

Syndicate

Gwik's corner

tech blog