This guide will show you how to integrate Active Directory/LDAP into the SquirrelMail addressbook. In this page, you will learn how to configure SquirrelMail to activate the Javascript addressbook and to include your Active Directory or LDAP server into the addressbook lookup list.
This is what a typical Active Directory layout looks like.
And here’s a sample OpenLDAP layout. See OpenLDAP Setup Howto for a guide in setting up OpenLDAP.
I used JXplorer to browse the LDAP servers, you’ll need the Java Runtime Environment to use it.
SquirrelMail will be using the following attributes
- cn - Common Name
- mail - Email Address
Configure the SquirrelMail Addressbook
We will be using the Perl based SquirrelMail configuration utility to configure the addressbook.
1. Launch the Terminal application.
2. In the Terminal window, type in /usr/share/squirrelmail/config/conf.pl and press Enter. This will launch the SquirrelMail Configuration utility.If your Terminal window has a white background, make sure that the colors are off by looking for the command Turn color on. If the command is Turn color off, type in C and press Enter to turn the colors off. This will ensure that you will be able to read all of the text.
3. Type in 6 and press Enter to list the Address Books submenu.
4. Select the Javascript address book as the default by typing in 2 and press Enter then type in y and press Enter.
5. Add your Active Directory/LDAP server by typing in 1 and press Enter then type in + and press Enter. You will now be asked a series of questions regarding your Active Directory/LDAP server configuration, see the sample session below.First, we need to have the hostname or the IP address where this LDAP server resides. Example: ldap.bigfoot.com hostname: server Next, we need the server root (base dn). For this, an empty string is allowed. Example: ou=member_directory,o=netcenter.com base: dc=acme,dc=local This is the TCP/IP port number for the LDAP server. Default port is 389. This is optional. Press ENTER for default. port: This is the charset for the server. Default is utf-8. This is also optional. Press ENTER for default. charset: This is the name for the server, used to tag the results of the search. Default it "LDAP: hostname". Press ENTER for default name: You can specify the maximum number of rows in the search result. Default is unlimited. Press ENTER for default. maxrows: If your LDAP server does not like anonymous logins, you can specify... Default is none, anonymous bind. Press ENTER for default. binddn: cn=mailuser,dc=acme,dc=local
If you are connecting to an Active Directory server, binddn can also be in the form of acme\mailuser or mailuser@acme.local
Now, please specify password for that DN. bindpw: password You can specify bind protocol version here. Default protocol version depends on your php ldap settings. Press ENTER for default. protocol: 3 [ldap] command (?=help) > d
You should now be back at the Address Books sub menu, type in q and press Enter to quit and type in y and press Enter to save your changes.
Test the SquirrelMail Addressbook
1. Login to SquirrelMail and compose a new mail.
2. Click the Addresses button (not the Addresses link). This will launch the SquirrelMail Addressbook window. Click the List all button, you should now see your Active Directory/LDAP email addresses.If you are querying a Windows 2003 Server and you are encountering an Operations error message, try enabling the Windows 2003 Active Directory anonymous ldap operations.
***
Posted on 12/12/2007 and last updated on 5/5/2008
Filed under Active Directory , LDAP , SquirrelMail
Share This
May 5th, 2008 at 4:53 am
Hi there,
Need some help…I am setting up squirelmail that connects to a active directory on a windows 2003 server but i keep getting an error: #Error initializing LDAP server localhost: [LDAP: localhost] Invalid DN syntax#
This only happens when i bind it to active directory… I also followed the link above(enabling the Windows 2003 Active Directory anonymous ldap operations.) but I still get the same error.
May 5th, 2008 at 6:38 am
What did you put in the binddn?
May 5th, 2008 at 7:10 am
The microsoft server 2003 active directory > adserver1.example.com
May 5th, 2008 at 7:44 am
I see. binddn should be the distinguished name of a user account. In my example above, I used cn=mailuser,dc=acme,dc=local but I can also use acme\mailuser and mailuser@acme.local. mailuser is an account I created specifically for Active Directory login purposes only.
May 5th, 2008 at 8:18 am
Ah ok… So i need to create another user account for connecting to the active directory? By the way, in adding a user, what is a valid RDN? I keep getting an error: #you need to fill RDN field with a valid RDN#
Thanks for the reply…
Greatly appreciated….
May 5th, 2008 at 12:43 pm
RDN means relative distinguished name. It is easier to use the Active Directory management tools provided by Microsoft so you won’t have to deal with low level LDAP stuffs.
May 6th, 2008 at 1:03 am
Ok… thanks for the help…
September 16th, 2008 at 8:13 am
Hi
I have followed up step by step the above instruction. At the end, when I test, I do not see LDAP drop down list.
In other support web site, it was mentioned that we needed to have a file that would connect to LDAP and would provide the users the list.
Please advise
Is there any special setting we need to do in PHP or Apache to get the list
thx
September 23rd, 2008 at 1:53 pm
None. Just make sure you saved the settings afterwards. Open /usr/share/squirrelmail/config/config.php to check. If the LDAP setting was saved properly, you should see the $ldap_server[0] setting.
October 14th, 2008 at 11:45 am
hi
i tried the above steps my address book is now available in squirrelmail,
but how can i see it in my address option in webmail.
Plz help