Re: [Evolution] LDAP Address Book Fields Greyed Out?

[Paul Legato <plegato nks net>]

Hi Chris,

Thanks for the information. My delete button is enabled in the popup 
editor, indicating that Evolution thinks I have permission, and the 
delete button  does in fact actually delete the associated record from 
the LDAP server.

I've got core.schema, cosine.schema, and inetorgperson.schema all 
included in my slapd.conf. I also had evolutionperson.schema in there. 
Just tried taking it out, and it still doesn't work.

This is the access portion of my slapd.conf. I'm trying to set up three 
address books: 1) NKS Staff (whose entries also store passwords used for 
staff authentication); 2) External Contacts, a companywide, 
user-writable addressbook; and 3) Personal addressbook, each user's 
individual contacts.

############# begin slapd.conf section ###################
defaultaccess none

access to dn="*" attr=userPassword
   by self none
   by users none
   by anonymous auth

access to dn="ou=External Contacts,o=NKS,c=us"
       by users write
       by anonymous none

access to dn="ou=Personal Addressbook,cn=(.*),ou=NKS Staff,o=NKS,c=us"
       by dn="cn=$1,ou=NKS Staff,o=NKS,c=us" write
       by users none
   by anonymous none

access to dn="ou=NKS Staff,o=NKS,c=us"
       by users write
       by anonymous none
############# end slapd.conf section #############


Commenting all of this out and replacing it with "defaultaccess write" 
does not help.

Is there some other option I have to enable in slapd.conf to allow 
subschema queries?

Thanks,
-Paul


Chris Toshok wrote:

> On Thu, 2002-05-30 at 08:16, Mark Foster wrote:
>
> > Been seeing this for quite awhile now. I thought it must be a unfinished
> > feature set or a misconfiguration of the ACL on my OpenLDAP server. Now
> > I think not. I have had some luck editing and creating new (LDAP-based)
> > contacts by either creating them locally in the contacts folder, then
> > drag-n-drop to the LDAP server... or by using the phone list view which
> > let's you edit the fields.
> >
> > Soon I hope to roll my sleeves up and (help) fix/enhance the LDAP
> > integration components. How about you?
>
> Well, the way things are supposed to work the editting is only supposed
> to be enabled when talking to an ldap server that supports subschema
> queries.  There's currently a bug (it looks like) that lets you edit
> fields even when you're not supposed to be able to.  Not sure when/how
> this crept in.
>
> OpenLDAP 2 should be fine - you probably just need to load the correct
> schemas in your slapd.conf file.  Here's the relevant portion of mine:
>
> include         /usr/local/etc/openldap/schema/core.schema
> include         /usr/local/etc/openldap/schema/cosine.schema
> include         /usr/local/etc/openldap/schema/inetorgperson.schema
>
> Those will get you 90% of the fields in the contact editor.  The others
> are in the included evolutionperson.schema, which I'd recommend against
> using.
>
> Chris
>
> > On Wed, 2002-05-29 at 08:57, Paul Legato wrote:
> >
> > > Hi,
> > > We're experiencing weirdness when trying to edit or create new records 
> > > in an LDAP address book through Evolution.
> > >
> > > When I double-click on an address book entry, all the field labels are 
> > > greyed out and the text boxes are uneditable. Despite this, if I click 
> > > the "Full Name..." or "Address..." buttons, the text boxes in the 
> > > resulting popup window are editable and do update the LDAP database when 
> > > "Save and Close" is selected.
> > >
> > > Single-clicking on entry fields in the main address book window does 
> > > allow me to edit them.
> > >
> > > The "New Contact" button functions identically to double-clicking on an 
> > > entry; that is, all the labels are greyed out and the text boxes are 
> > > uneditable, but the "Full Name..." and "Address..." popups both work and 
> > > will successfully update the database when I click "Save and Close".
> > >
> > > The LDAP backend is OpenLDAP 2 and all permissions appear to be set 
> > > correctly. The database is accessible through Mozilla, and an LDAP 
> > > client such as GQ is able to connect as users and query/update the 
> > > remote database normally.
> > >
> > > Anyone else seen this problem or have any idea what could be going wrong?
> > >
> > > Thanks,
> > > -Paul
> > >
> > >
> > >
> > >
> > >
> > > _______________________________________________
> > > evolution maillist  -  evolution ximian com
> > > http://lists.ximian.com/mailman/listinfo/evolution
> >
> > _______________________________________________
> > evolution maillist  -  evolution ximian com
> > http://lists.ximian.com/mailman/listinfo/evolution