****Re: openldap + kmail

[Craig White]

On Tue, 2008-04-29 at 23:42 +0100, Timothy Murphy wrote:
> Timothy Murphy wrote:
> 
> > When I go to KAddressBook=>Settings=>Configure KAddressBook
> > and click on LDAP Lookup=>Add Host,
> > I give my DN as "dc=www,dc=xyz,dc=com".
> 
> I found in the end that what was wanted here
> was the first part of the DN, in my case "DN: Address Book".
> After giving that, I was able to access my LDAP address book
> from KMail.
> 
> I do feel that the KAddressBook and KMail documentation - 
> in particular the Handbooks - are badly written.
> If there had been a single example given in this case
> it would have been obvious what the program was looking for.
> One example is worth a thousand words.
----
the issue with kaddressbook is the same issue with all ldap
clients...once you understand how ldap works, setting up a client like
kaddressbook is no big deal. Basically, everything is a client to LDAP
whether it's postfix/sendmail/cyrus/kaddressbook/evolution/etc. There
really is no functional difference because they all use LDAP protocol to
access and get what they need.

What you are calling a lack of documentation suggests that you expect
all the various LDAP client programs to tell you how LDAP works.
----
> This is all with Security: No .
> To complete my homework, I'm trying to make sense of openldap + TLS.
> But in the meantime I can live without that.
> Hopefully Gerald Carter when he arrives will throw some light on this.
----
it does - sorta.

The way I do it is:
1 - set up my own CA
2 - generate and sign various client certs for applications
3 - assign the client certs to each various application (like
slapd.conf)
----
> But thanks to all for their help.
> I must write out what I have learned, although I found
> "setting up an LDAP-server for use with kaddressbook"
> at <http://www.hoernerfranzracing.de/kde/ldap.html> very useful.
----
good - you'll like the book too.

Craig