By John Rizzo. In most modern network directories such as Mac OS X Lion Server, LDAP (Lightweight Directory Access Protocol) defines how clients communicate with the directory over TCP/IP networks.
Apple's Address Book (10.2 and up) is a wonderful application. There's even LDAP technology built in, whatever that is. If you are using Mac OS X Server, you will know that through LDAP, your users can get each others' address data. Which is cool if you are with a lot of people on your campus, company, or home. But wouldn't it be more fun to have the address entries of 'outsiders' in there, too (but without making accounts for them on the Server)? I stumbled on this php tool called phpLDAPadmin which allows me (amongst others) to add phonebook entries in the server once, so that all users can get to these addresses using Apple's Address Book! LDAP servers are vulnerable to outside peeking and changing; secure them wel!.
Copy the tool into your webserver folder. /Library - WebServer - Documents), renaming it to just phpldapadmin, or linking a shorter name to it; whatever suits you. Make a config.php file. (there's an example file which you can copy, rename and use.). Change the settings: an example: $servers$i'name' = 'server name'; $servers$i'host' = 'url of the server'; $servers$i'base' = 'base DN (e.g.
Dc=mydomain,dc=com)'; $servers$i'port' = 389; $servers$i'authtype' = 'form or config, (form works best i think)'; $servers$i'logindn' = 'uid=myusername,cn=users,dc=mydomain,dc=com'; $servers$i'loginpass' = 'my password'; The config example has a lot more comments, by the way. Open up Safari, and surf to the webpage (if all is well, you will see the tree of your LDAP server. Create new entry in this tree of type Organisational unit (ou), called for example 'phonebook'. Expand this Phonebook entry and now Create New entry, this time of type Address Book Entry. Repeat this for all your outsiders' records. On any Mac in your network, open Address Book. Go to Preferences and select the LDAP tab.
Add an LDAP entry, using the correct IP address, search base (depending on what you created in step six, ou=phonebook in my case), username and password. In the main window of the Address Book itself, click on Directories, and search for an entry you have previously entered, et voila! Of course, only step 7 (to add entries) and step 10 (to consult them) need to be performed regularly.
Have fun, and let me know if you know how I can enter entries in an LDAP server using ApplScript! This is a good tip.
Many applications, like Mozilla, can use LDAP directories for their address book. In my system, the naming structure was slightly different. It didn't contain my domain components. My DN was just 'uid=tji, cn=users'. This is probably due to some configuration option when I installed Jaguar. It would be nice if the Address Book application allowed you to write to the directory server.
The PHPLDAPAdmin interface is okay, but could be much better. To use this a s a full Address Book, you will also probably want to add attributes to the user record.
![Lightweight Directory Access Protocol For Mac Lightweight Directory Access Protocol For Mac](/uploads/1/2/5/4/125439956/951504489.png)
I like to keep birth dates, anniversaries, etc. Also, as the author mentioned, this can expose sensitive OS and user information via LDAP. If you want to dig into the OpenLDAP configuration, you can set access controls, but the config is a bit complex. Also, I hesitate to monkey with the config files too much, as they will probably get overwritten in an application or OS upgrade. I just want to share my addresses with my wife (on the same computer) and vice versa. When either one of us updates a given person or group, I want the change to be reflected in the other user's account. I haven't read too deeply into this hint, but at first blush, it seems like overkill for my needs.
I have no home network to speak of (connect a Pismo via AirPort and Ethernet from time to time), so I have no other uses for LDAP that I can think of, and I want something that requires little or no maintenance (although I don't mind a little setup time). And I don't want to make my computer any more 'insecure' than it already is. Can anyone familiar with LDAP confirm that it's not what I'm looking for? Anyone offer an alternative for my needs?
There are easier (and mostly commercial) solutions for addressbook sharing. The hint is intended for those of us who work in a small (5+ users) to large corporate/educational or governmental organisation. And for those that like to fiddle with their expensive but omnipotent MacOS X Server software, so that they can use free technology to accomplish the same (albeit more powerfull) result than commercial programs. Come'on Apple, implement a 'Share your address-book via Rendez-Vous' function in AddressBook for the masses! - - The Nimitz.