Results 1 to 10 of 10

Thread: Change the GAL External LDAP mappings?

Hybrid View

  1. #1
    Join Date
    Oct 2005
    Rep Power

    Default Change the GAL External LDAP mappings?

    Is it possible to change the generic attribute mappings when using an external LDAP services that provides GAL for a domain? Is there a configuration file that I could modify which objects Zimbra pulls from an external LDAP source?

    My issue is Zimbra (based on the Zimbra documentation) is mapping the LDAP object "postalAddress" to Zimbra object "workStreet". This seems to be wrong based on rfc2252, rfc2798, and rfc2256. This could be a showstopper of a lot of the universities and companies that have bulit there LDAP directory based on the rfc's.
    ************************************************** ******
    6.27. Postal Address
    ( DESC 'Postal Address' )
    Values in this syntax are encoded according to the following BNF:
    postal-address = dstring *( "$" dstring )
    In the above, each dstring component of a postal address value is
    encoded as a value of type Directory String syntax. Backslashes and
    dollar characters, if they occur in the component, are quoted as
    described in section 4.3. Many servers limit the postal address to
    six lines of up to thirty characters.
    1234 Main St.$Anytown, CA 12345$USA
    \241,000,000 Sweepstakes$PO Box 1000000$Anytown, CA 12345$USA
    ************************************************** ******

    I would like to instead map the Zimbra object "workStreet" to the rfc2256 standard "street" or "streetAddress"
    ************************************************** *******
    5.10. street

    This attribute contains the physical address of the object to which
    the entry corresponds, such as an address for package delivery

    ( NAME 'street' EQUALITY caseIgnoreMatch
    SUBSTR caseIgnoreSubstringsMatch
    SYNTAX{128} )
    ************************************************** *******

  2. #2
    Join Date
    Aug 2005
    Rep Power


    Hi. It sounds like you are right.

    As far as changing the mappings, the mappings themselves are stored in LDAP, in the "cn=config,cn=zimbra" DN:

    zimbraGalLdapAttrMap: co=workCountry
    zimbraGalLdapAttrMap: company=company
    zimbraGalLdapAttrMap: givenName=firstName
    zimbraGalLdapAttrMap: sn=lastName
    zimbraGalLdapAttrMap: displayName,cn=fullName
    zimbraGalLdapAttrMap: initials=initials
    zimbraGalLdapAttrMap: l=workCity
    zimbraGalLdapAttrMap: physicalDeliveryOfficeName=office
    zimbraGalLdapAttrMap: ou=department
    zimbraGalLdapAttrMap: postalAddress=workStreet
    zimbraGalLdapAttrMap: postalCode=workPostalCode
    zimbraGalLdapAttrMap: telephoneNumber=workPhone
    zimbraGalLdapAttrMap: st=workState
    zimbraGalLdapAttrMap: zimbraMailDeliveryAddress,mail=email
    zimbraGalLdapAttrMap: zimbraMailAlias=email2
    zimbraGalLdapAttrMap: title=jobTitle
    The attribute on the left hand side of the "=" is the LDAP attribute, and the attribute on the right is our address book attribute name. If there are multiple attributes on the left hand side (separated by commas) then it means use the first attribute that is set.

    I seem to recall this (mapping) is described in the admin docs, but I maybe wrong.

    I'll go ahead and file a bug and fix this.

    thanks, roland

  3. #3
    Join Date
    Aug 2005
    Rep Power


    bug: 4295 in our db (our bug db isn't public yet, but will be soon), and fixed for next release.



  4. #4
    Join Date
    Oct 2005
    Rep Power


    thanks for the reply roland,

    2 question,

    1) you've told me where the mapping is, but I'm not sure how to change it. None, of the command line tools look like they can change this mapping. I know the docs say don't use an external LDAP browser to change anything, but is that the only way?

    2) any chance the other feilds could be imported from the external LDAP for the GAL. Example, we keep home address, cell numbers, and other information in our LDAP server, being that it's external to Zimbra, is there feilds that I could map to. When I'm in the web client and select to add a new personal contact I see all the feilds we need. I just want to be able to have those same feilds in the GAL and map them to an external LDAP services.

    thanks for all the help

  5. #5
    Join Date
    Aug 2005
    Rep Power


    You can use zmprov to change global config via:

    zmprov mcf attr1 value1 [attr2 value2...]
    When changing multi-value attributes with zmprov, you currently need to specify all of them in one modify, as they are all replaced. So you'll have to do something like:

    zmprov mcf zimbraGalLdapAttrMap a=b zimbraGalLdapAttrMap c=d ...
    For this particular case it is also safe to modify those values directly in LDAP if you'd like (via ldapmodify, etc). You'll need to restart the server to have it pick up the changes.

    To map other fields, you can probably look at (server) or ZmContact.js (client code) to see the fields we currently support in the UI.

    I'll include the ones from ZmContact.js here.

    ZmContact.F_assistantPhone	= "assistantPhone";
    ZmContact.F_callbackPhone	= "callbackPhone";
    ZmContact.F_carPhone		= "carPhone";
    ZmContact.F_company			= "company";
    ZmContact.F_companyPhone	= "companyPhone";
    ZmContact.F_email			= "email";
    ZmContact.F_email2			= "email2";
    ZmContact.F_email3			= "email3";
    ZmContact.F_fileAs			= "fileAs";
    ZmContact.F_firstName		= "firstName";
    ZmContact.F_homeCity		= "homeCity";
    ZmContact.F_homeCountry		= "homeCountry";
    ZmContact.F_homeFax			= "homeFax";
    ZmContact.F_homePhone		= "homePhone";
    ZmContact.F_homePhone2		= "homePhone2";
    ZmContact.F_homePostalCode	= "homePostalCode";
    ZmContact.F_homeState		= "homeState";
    ZmContact.F_homeStreet		= "homeStreet";
    ZmContact.F_homeURL			= "homeURL";
    ZmContact.F_jobTitle		= "jobTitle";
    ZmContact.F_lastName		= "lastName";
    ZmContact.F_middleName		= "middleName";
    ZmContact.F_mobilePhone		= "mobilePhone";
    ZmContact.F_namePrefix		= "namePrefix";
    ZmContact.F_nameSuffix		= "nameSuffix";
    ZmContact.F_notes			= "notes";
    ZmContact.F_otherCity		= "otherCity";
    ZmContact.F_otherCountry	= "otherCountry";
    ZmContact.F_otherFax		= "otherFax";
    ZmContact.F_otherPhone		= "otherPhone";
    ZmContact.F_otherPostalCode	= "otherPostalCode";
    ZmContact.F_otherState		= "otherState";
    ZmContact.F_otherStreet		= "otherStreet";
    ZmContact.F_otherURL		= "otherURL";
    ZmContact.F_pager			= "pager";
    ZmContact.F_workCity		= "workCity";
    ZmContact.F_workCountry		= "workCountry";
    ZmContact.F_workFax			= "workFax";
    ZmContact.F_workPhone		= "workPhone";
    ZmContact.F_workPhone2		= "workPhone2";
    ZmContact.F_workPostalCode	= "workPostalCode";
    ZmContact.F_workState		= "workState";
    ZmContact.F_workStreet		= "workStreet";
    ZmContact.F_workURL			= "workURL";
    thanks, roland

  6. #6
    Join Date
    Sep 2005
    Rep Power

    Unhappy zimbragalldapattrmap is Immutable?


    Im trying to change an attribute mapping like the instructions above, but I'm getting the following error:

    [root@mail bin]# ./zmprov mcf zimbraGalLdapAttrMap displayName=fullName
    ERROR: service.INVALID_REQUEST (invalid request: zimbragalldapattrmap is immutable)

    I want to take off the "cn" from fullName, but says that attribute is immutable...



Similar Threads

  1. LDAP Filter issue and GAL
    By G-Money in forum Administrators
    Replies: 2
    Last Post: 06-24-2010, 12:13 PM
  2. External LDAP GAL help (please)
    By dlochart in forum Administrators
    Replies: 24
    Last Post: 07-09-2007, 05:46 PM
  3. External LDAP Problem
    By facerw in forum Installation
    Replies: 7
    Last Post: 05-08-2007, 04:29 AM
  4. Help configuring GAL with external LDAP
    By ciam in forum Administrators
    Replies: 2
    Last Post: 02-07-2007, 10:09 PM
  5. Authentication to external ldap stop working.
    By jahaj in forum Installation
    Replies: 3
    Last Post: 12-05-2006, 02:17 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts