Print

LDAPeople

The most versatile LDAP client for iPhone / iPod touch

Quickly search for people in the directory of your school / university. Look up the contact information of fellow coworkers in the directory of the company you work for.

Why is LDAPeople the most versatile LDAP solution for the iPhone / iPod touch? Find the answer in our FAQ!

App details

LDAPeople is a versatile LDAP addressbook client. You can use it to query LDAP based directory servers for addressbook records. LDAPeople displays a list of entries that match your query and provides a detailled view for each record found. In the detail view, you can tap on a persons phone number, e-mail address or url and your device will instantly call that person or open your e-mail application or webbrowser for the selected address.

LDAPeople supports both LDAPv2 and LDAPv3 using anonymous bind or simple authentication. Everything that depends on attributes specific to a certain LDAP directory server is configurable. You are free to configure a custom LDAP filter for queries and there's even a complete attribute mapper that maps attributes from your directory server to iPhone / iPod touch addressbook attributes according to your needs. For secure connections, LDAPS (LDAP over SSL) is supported.

Versatile usage

  • search LDAP based directories for addressbook records
  • quickly send an e-mail, make a phone call or browse the website of found addressbook records
  • look up the address of found records in the map application
  • copy addressbook records from the directory into your local contacts database

Features

  • support for an unlimited number of LDAP directory configurations
  • configuration options for directory server specific attributes (attribute mapper)
  • sophisticated and freely customizable LDAP filters
  • configuration export and import (XML)
  • complete attribute mapper for mapping directory server attributes to local contacts attributes
  • support for LDAPS (LDAP over SSL)
  • support for LDAPv2 and LDAPv3
  • anonymous bind or simple authentication
  • copy LDAP contacts to your local addressbook

What LDAPeople will enable you to

  • quickly search for people in the directory of your school / university
  • look up the contact information of fellow coworkers in the directory of the company you work for

LDAPeople uses the OpenLDAP library (© OpenLDAP Foundation). For further information about its license, see here. This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit. (http://www.openssl.org/). For further information about its license, see here.

Screenshots

Configuration

Configuration Import & Export

Since version 2.1, users may directly import a specific LDAPeople configuration from a prepared configuration file URL.

The Configuration File
Please refer to this complete example configuration. It demonstrates all elements that can be configured. You may download the example configuration file here.

Elements
The above mentioned example file demonstrates all elements available to build a complete LDAPeople configuration for one LDAP directory. It is not necessary to include all the possible elements; LDAPeople provides reasonable default values.
Please make sure to properly escape the & and characters (using either the & or CDATA notatin) when writing the configuration file manually.

URL Based Import
The easiest way for users to import a configuration is to provide them a URL that points to the configuration file. LDAPeople immediately opens with the configuration file URL already present when a user clicks on the URL link in Safari on their iPhone or iPod touch. An example to be used in a web page:

<a href="ldapeople:?confurl=http://www.site.com/cnf.xml">
LDAPeople configuration import for MySite  
</a>
In this example your configuration file is expected to be reachable under the URL http://www.example.com/mysite.xml.
Of course you can also send HTML e-mail messages that contain such links.

Configuration Export

Follow these steps to export the configuration for a LDAP directory that you have already setup:

  1. Touch Edit in the Overview
  2. Select the directory that you would like to export the configuration for
  3. Touch the organize button in the upper right corner of the selected configuration
  4. Chose Export Configuration
Your mail application will launch with the configuration file already present in a new e-mail message. You can now enter the e-mail address that you would like to send the configuration to. The recipient (which might usually be yourself) can then copy the configuration and paste it into a file.

Required Settings

The minimum required configuration consists of a Description, a Server and a Search Base.

Description
This is the "pretty name" for your Directory. Choose according to you liking. Examples:

MyCompany Directory
University of Greenberg
Private LDAP Server

Server
This is the fully qualified hostname (or IP address) of the LDAP server to connect to. This parameter is required. Optionally a port can be appended to the server using the :portnumber notation. If no port is specified, the default port (389) is used. Examples:

directory.washington.edu
directory.mycompany.com
directory.mycompany.com:1234

Search Base
This is the distinguished name to be used as search base for all LDAP queries. This parameter is required. Examples:

o=University of Washington,c=USo=Addressbook,dc=mycompany,dc=com

Advanced Settings

LDAPeople comes preconfigured with reasonable values for all the advanced settings and so you might not have to bother about about them at all. If you would like to customize the application beyond the basic setup however, there are lots of things to configure here.

Bind DN (Username)
The optional Bind DN (Username) used to bind to the LDAP server. If left empty, an anonymous connection is made. Only the "simple" authentication method is supported at this time. Please not that the Bind DN has the form of a distinguished name and is not just a login name.

Password
If a Bind DN (username) is configured for the connection, the corresponding password must be set here.

Query Filter
This is the LDAP filter used to query the directory. For a detailed explanation of the LDAP search filter notation, please consult RFC 2254.
In LDAPeople, any occurence of % (or %0) in the filter statement will get replaced with the whole query string that you have entered. For example, if the query string is set to (|(givenName=%*)(sn=%*)) and you enter "Joh" in the searchbar, then the actual query sent to the directory server is (|(givenName=Joh*)(sn=Joh*)).
Examples:

(|(givenName=%*)(sn=%*))
(cn=*%*)
But there's more to it! In addition to the replacements already mentioned %1 will get replaced with the first individual word in the query string, %2 with the second word, and so on up to %9. The usefulness of this is best explained with an example:

Suppose you have a guy named "Johann Sebastian Bach" in your directory that is stored as:
...
givenName: Johann Sebastian
sn: Bach
...
and you have the following filter configured:
(|(|(sn=%*)(givenName=%*))(&(givenName=%1*)(sn=%2*)))
You can now query for "Johann" or "Bach" but also "Johann Bach" to find him.

One other thing to note about filters is that when you do a wildcard search (i.e. you press the Search button without entering any query string) and you have a filter configured as (sn=*%*), then the actual query sent to the LDAP server would be (sn=**). As that is certainly not what you wanted to send to the server, any occurence of multiple asterisks is replaced with just one asterisk in wildcard searches. So the resulting query will in fact be (sn=*) in that particular example.

Base Filter
This is a convenience setting for those users who have to work with LDAP servers that do hide the objectClass attribute. Doing so makes it impossible to execute universally valid base-level queries and it also violates the LDAP specification as defined in RFC 2251. Using this setting one can work around the problem by customizing the filter used for base-level queries. (cn=*) should be a good choice for those affected.
Examples:

(objectClass=*)
(cn=*)

Scope Subtree
The search scope used to query your LDAP server. "Subtree" should be fine in most situations, but if it's not, you can also select "One Level" here.

Selection List Attributes
This parameter defines the blank separated list of attributes to display in the result selection table of a query. The result selection table is the list that you get after a query and where you can tap on any of the results to see further details.
Examples:

givenName sn
cn

Selection List Attributes Detail
This is a whitespace separated list of attributes that get displayed in the search results table after the query on the second line of each cell in a small grey font. Note that values not available from the directory will be left blank.
Examples:

ou

Sizelimit Warning
Most LDAP servers have a sizelimit for the number of results a query is allowed to return. In case the sizelimit is exceeded, an LDAP client usually displays a warning. Otherwise you would not be sure if you are seeing all of the available results. Therefore, use this switch to choose whether sizelimit exceeded warnings should be displayed or not.

Attribute Mapping
The Attribute Mapping subsection of LDAPeople's settings allows you to map each of the supported iPhone / iPod touch attributes to attributes available on the LDAP server that you are working with. The left hand side shows the supported iPhone / iPod touch attributes; on the right hand side you can configure each corresponding LDAP attribute. If you do not know what attributes your LDAP server is supporting, see the FAQ.

FAQ

  • Q: iPhone OS 3.0 has LDAP support built in. What benefit do I get from LDAPeople?
  • A: LDAPeople is without question the most versatile LDAP solution for the iPhone / iPod touch. Here are a few of LDAPeople's features that the built in LDAP functionality does not have:
    • Fully configurable attribute mapper
    • Powerful query filter configuration
    • Support for self-signed certificates in SSL (LDAPS) communication
    • Configurable resultlist display
    • Multiline resultlist display
    • Compatibility with any iPhone OS version
  • Q: I do not know what attributes my LDAP server is supporting. How can I figure this out?
  • A: There are basically two ways to figure this out. The first and probably obvious method is to ask your LDAP server administrator. If this is not an option, you might try to query your LDAP server from you Mac to find out yourself. To do this, open Terminal.app (in Applications/Utilities) and enter the following command:
    ldapsearch -x -h <ldap server name> -b <search base dn>
    You'll of course replace <ldap server name> with the fully qualified name of your LDAP server and <search base dn> with the distinguished name of your search base.

  • Q: Where can I change the TCP port to connect to the server?
  • A: If you have to specify a different port than the default (which is 389), append ":<portnumber>" to the "Servername" setting.
    Example: directory.mycompany.com:1234

  • Q: Where is the documentation for the LDAPeople XML configuration file format?
  • A: Please have a look at this complete example configuration. It demonstrates all elements that can be configured. You may download the example configuration file here.

  • Q: Do you support LDAPS?
  • A: Yes, since Version 2.2, LDAPS is officially supported!

  • Q: The pictures in the detail view look skewed. What's wrong?
  • A: The detail view expects pictures to be of quadratic shape. If your directory server provides pictures that are non-quadratic, they will be stretched to fit the quadratic frame on the top left.

  • Q: How can I figure out what the Search Base of my LDAP server is?
  • A: There are basically two ways to figure this out. The first and probably obvious method is to ask your LDAP server administrator. If this is not an option, you might try to query your LDAP server from you Mac to find out yourself. To do this, open Terminal.app (in Applications/Utilities) and enter the following command:
    ldapsearch -x -h <ldap server name> -b "" -s base namingcontexts
    Of course you have to replace <ldap server name> with the fully qualified name of your LDAP server.

  • Q: Why is it not possible to configure more than one LDAP server?
  • A: The possibility to configure multiple LDAP servers has been introduced with LDAPeople 2.0. Please update your LDAPeople in the App Store!

  • Q: I can search for names and get results but when I click on an entry, the detail view of that contact is empty. What's wrong?
  • A: Please have a look the documentation about the "Base Filter" setting under "Advanced Settings".

  • Q: I am a long term customer of LDAPeople. My current version is not working under iOS 5 and I cannot upgrade. What's going on?
  • A: LDAPeople 2.4.0 is the iOS 5 compatible version and it is available in the App Store. But there's a awkward problem with that. The problem is that we had to move the product to our new company account and Apple was not able to provide a way to migrate the existing installation base between accounts. We've tried everything that we could and we have spent weeks trying to get ahold of someone who even cares about the problem. The result: no success at all and all our existing customers are lost. This is pretty bad for us but unfortunately we cannot do anything about it. The only thing that you can do is purchase a fresh LDAPeople 2.4.0 or newer and yes, we are really sorry about that.

Change Log

V2.5

Release date

03/18/2012

What's new

  • Multitasking support (app remains open in the background)
  • Parsing of $-style separators in adresses

V2.4.1

Release date

01/24/2012

What's new

  • Changed contact address to our new trouble ticket system

V2.4

Release date

10/17/2011

What's new

  • iOS5 compatibility
  • Certain LDAP servers seem to require the bind operation twice; we've added a check for that

V2.3

Release date

06/19/2010

What's new

  • iOS4 compatibility

V2.2

Release date

06/17/2009

What's new

  • LDAPS (SSL) support
  • Local contacts can now also be updated (in addition to being created) with data from the LDAP directory
  • Added the network activity indicator to the status bar

Bug fixes

  • iPhone OS 3.0 compatibility ensured

V2.1

Release date

02/27/2009

What's new

  • Configuration export (via e-mail)
  • Configuration import (via URL)
  • Configurable second display line in query result table
  • Support for ldapeople: URL scheme; a very convenient way to import a configuration without any typing involved for the user
  • Slightly redesigned icon

Bug fixes

  • The bug that has caused random but seldom crashes (mostly in the configuration section) has been identified and fixed

V2.0

Release date

11/17/2008

What's new

  • LDAPeople now supports an unlimited number of different LDAP servers
  • The configuration section has been completely rewritten
  • New attribute mappings for birthday and anniversary have been added
  • LDAPeople now has a smaller footprint, is more efficient and loads faster

V1.2

Release date

10/12/2008

What's new

  • Advanced query filter processing (individual words of the query string can not be accessed as %1, %2, etc.)
  • Empty search (aka wildcard browsing): The search button is now enabled even when no query string was entered
  • Convenience setting to cope with LDAP servers that do hide the objectClass attribute (Base Filter)
  • Automatic display of keyboard on launch

Bug fixes

  • Consistency in multi-valued attributes handling; it is always the first attribute returned from the LDAP server that gets used

V1.1

Release date

09/26/2008

What's new

  • New feature "Save to contacts": records from the LDAP directory can now be copied to the local Contacts application (new button in a person's detail view on the top right)
  • A "Loading..." indicator has been added to indicate when the application has finished launching
  • New "About" screen
  • New configuration option "Search Scope": the search scope can now be configured to "Subtree" or "One Level"
  • The description for the setting "Username" has been changed to "Bind DN"
  • The setting "Port" has been removed: default ports are used implicitly. For more on this, see our FAQ

Bug fixes

  • Address links will now open the maps application and perform a correct query
  • A memory access bug has been fixed which occured when the search filter had an invalid syntax

V1.0

Release date

08/28/2008

What's new

  • Finally there is LDAP on the iPhone / iPod touch ;)