Leopard Server makes use of Open Directory, an LDAP based directory service of resources – including users and shared contact information. As I mentioned in a previous article, you can set up other Address Book software (such as Thunderbird’s) to access the shared contacts using LDAP.
When it comes to editing these shared contacts, things are a little less straightforward. Leopard comes with an application called “Directory”, that allows you add/delete and edit shared contacts. The trouble is, in doing this, it uses non-standard LDAP attributes (not that there is a “standard” as such, but the ones they use aren’t even used by their own Address Book application). So it is best you just ignore this feature of Directory until Apple fix it – (I’ve logged it with Apple – radar bug report number 5801945).
If you are on a Mac, your best bet is to create your shared contact in Address Book, and then drag the entry to Directory. This works great, except that “notes” are lost. – I’ve logged this as a bug with Apple (radar bug report number 5818049)
If you aren’t on a Mac, or you don’t like the Address Book hack to get around Directory issues, you need another tool to edit the shared contacts. I have found very few tools that could authenticate with a default Open Directory set up – mainly because the client needs to be able to authenticate with SASL, and handle CRAM-MD5 challenge responses.
The one LDAP editor I found that works is Apache Directory Studio.
Once installed, the settings are basically (assuming your Leopard server has domain “
Encryption: [No encryption or SSL]
Authentication Method: CRAM-MD5 (SASL)
Bind DN or User: [Your OD username]
Bind Password: [Your OD password]
Base DN: cn=people,dc=yamato,dc=internal
Leave all other entries as defaults.
Once setup, you can connect and browse to entries. You can edit the entries and save them as required.
This means you can, for example, easily edit an existing shared contact. You could even use it as a crude way to enter shared contacts, by creating a template entry, and using that for new entries. Not pretty, but at least will give you correct attributes for LDAP Address Book searches.
There are better LDAP based address books with editing capabilities on the net, but I couldn’t find any that could authenticate with Open Directory beyond the one mentioned here. If you find any, leave me a note in the comments.
2 thoughts on “Leopard Server and LDAP edit of people in Open Directory”
Did you heared from, or do you have any experiences with http://www.addressbookserver.com/?
I am the developer of Address Book Server (http://www.addressbookserver.com) and have quite a bit of experience with it. The standard edition lets you synchronise either all contact, or a selection of groups with your own Address Book Server. It supports the complete Address Book Schema. The enterprise editon (free upgrade) offers SSL as well as a friendly web interface on top of the standard version. An iPhone clients is in development, awaiting Apple’s blessing for release on the AppStore.
A 2 user trial license can be requested via the website which allows you to evaluate it for yourself.