Email Clients and LDAP
When planning a strategy for supporting an application with a directory, you always start by examining the application and determining what schema has the ability to support it. Using a standard schema is vastly preferable to building your own. Of course, with email you don’t have the ability to specify what client users will use: at your site, many different clients are probably in use, and you won’t make friends by asking users to change. In this section, we’ll look at four clients, all of which are in common use: Mozilla Mail, Pine from the University of Washington, Qualcomm’s Eudora, and Microsoft’s Outlook Express. Fortunately, the inetOrgPerson schema supports all of the information items we are concerned with using in this section.
The following parameters are common to all clients:
The LDAP server is ldap.plainjoe.org.
The base search suffix is ou=people,dc=plainjoe,dc=org.
Beyond the basic LDAP search parameters and supporting schema, it is imperative to know what version of LDAP the clients will use. Table 7-1 reveals that 3 out of the 4 mail clients listed use LDAPv2 to bind to the directory server. This means that you must explicitly add support for these connections, because OpenLDAP 2.1 rejects LDAPv2 binds in its default configuration. Add the following line to the global section of slapd.conf:
## Allow LDAPv2 binds from clients needed by several mail client packages.
allow bind_v2
then restart the OpenLDAP server to make it recognize the change.
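Before restarting, it is worth confirming that the directive is live and sits in the global section, that is, before the first backend or database directive. The check below is an added example, not code from the book or from OpenLDAP; the sample configurations are constructed, and include files are assumed not to be followed.

```python
import shlex

# Constructed sample configs (not from the book): one correct, one with the
# directive swallowed by its comment line, one placed after a database section.
GOOD = """\
include /etc/openldap/schema/core.schema
## Allow LDAPv2 binds from clients needed by several mail client packages.
allow bind_v2

database bdb
suffix "dc=plainjoe,dc=org"
"""
COMMENTED = GOOD.replace("packages.\nallow bind_v2", "packages. allow bind_v2")
MISPLACED = """\
database bdb
suffix "dc=plainjoe,dc=org"
allow bind_v2
"""

def directives(text):
    """Yield the token list of each directive, joining continuation lines."""
    current = None
    for raw in text.splitlines():
        if raw.startswith("#"):
            continue                        # comment line
        if raw[:1] in (" ", "\t") and current is not None:
            current += " " + raw.strip()    # leading whitespace continues a directive
            continue
        if current:
            yield shlex.split(current)
        current = raw.strip()
    if current:
        yield shlex.split(current)

def bind_v2_status(text):
    """Return 'enabled', 'misplaced' (after first backend/database) or 'absent'."""
    in_global, status = True, "absent"
    for tokens in directives(text):
        keyword = tokens[0].lower()
        if keyword in ("backend", "database"):
            in_global = False               # the global section ends here
        elif keyword == "allow" and "bind_v2" in (t.lower() for t in tokens[1:]):
            if in_global:
                return "enabled"
            status = "misplaced"
    return status
```

The COMMENTED sample shows the easy mistake of leaving the directive on the same line as its comment, where slapd ignores it.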