LDAPeople Configuration

Configuration Import & Export
Since version 2.1, users may directly import a specific LDAPeople configuration from a prepared configuration file URL.

The Configuration File
Please refer to this complete example configuration. It demonstrates all elements that can be configured. You may download the example configuration file here.

Elements
The above-mentioned example file demonstrates all elements available to build a complete LDAPeople configuration for one LDAP directory. It is not necessary to include all the possible elements; LDAPeople provides reasonable default values.
Please make sure to properly escape the & and < characters (using either the &amp; or CDATA notation) when writing the configuration file manually.

URL Based Import
The easiest way for users to import a configuration is to provide them with a URL that points to the configuration file. When a user taps such a link in Safari on their iPhone or iPod touch, LDAPeople opens immediately with the configuration file URL already filled in. An example to be used in a web page:
<a href="ldapeople:?confurl=http://www.site.com/cnf.xml"> LDAPeople configuration import for MySite </a>
In this example your configuration file is expected to be reachable under the URL http://www.example.com/mysite.xml.
Of course you can also send HTML e-mail messages that contain such links.

Configuration Export
Follow these steps to export the configuration for an LDAP directory that you have already set up:
Your mail application will launch with the configuration file already present in a new e-mail message. You can now enter the e-mail address that you would like to send the configuration to. The recipient (which might usually be yourself) can then copy the configuration and paste it into a file.

Required Settings
The minimum required configuration consists of a Description, a Server and a Search Base.

Description
This is the "pretty name" for your directory. Choose according to your liking.
Example:
MyCompany Directory
University of Greenberg
Private LDAP Server

Server
This is the fully qualified hostname (or IP address) of the LDAP server to connect to. This parameter is required. Optionally a port can be appended to the server using the :portnumber notation. If no port is specified, the default port (389) is used.
Examples:
directory.washington.edu
directory.mycompany.com
directory.mycompany.com:1234

Search Base
This is the distinguished name to be used as search base for all LDAP queries. This parameter is required.
Examples:
o=University of Washington,c=US
o=Addressbook,dc=mycompany,dc=com

Advanced Settings
LDAPeople comes preconfigured with reasonable values for all the advanced settings, so you might not have to bother about them at all. If you would like to customize the application beyond the basic setup, however, there are lots of things to configure here.

Bind DN (Username)
The optional Bind DN (Username) used to bind to the LDAP server. If left empty, an anonymous connection is made. Only the "simple" authentication method is supported at this time. Please note that the Bind DN has the form of a distinguished name and is not just a login name.

Password
If a Bind DN (username) is configured for the connection, the corresponding password must be set here.

Query Filter
This is the LDAP filter used to query the directory. For a detailed explanation of the LDAP search filter notation, please consult RFC 2254.
In LDAPeople, any occurrence of % (or %0) in the filter statement will get replaced with the whole query string that you have entered. For example, if the filter is set to (|(givenName=%*)(sn=%*)) and you enter "Joh" in the search bar, then the actual query sent to the directory server is (|(givenName=Joh*)(sn=Joh*)).
Examples:
(|(givenName=%*)(sn=%*))
(cn=*%*)
But there's more to it! In addition to the replacements already mentioned, %1 will get replaced with the first individual word in the query string, %2 with the second word, and so on up to %9. The usefulness of this is best explained with an example:
Suppose you have a guy named "Johann Sebastian Bach" in your directory that is stored as:
...
givenName: Johann Sebastian
sn: Bach
...
and you have the following filter configured:
(|(|(sn=%*)(givenName=%*))(&(givenName=%1*)(sn=%2*)))
You can now query for "Johann" or "Bach" but also "Johann Bach" to find him.
One other thing to note about filters is that when you do a wildcard search (i.e. you press the Search button without entering any query string) and you have a filter configured as (sn=*%*), then the actual query sent to the LDAP server would be (sn=**). As that is certainly not what you wanted to send to the server, any occurrence of multiple asterisks is replaced with just one asterisk in wildcard searches. So the resulting query will in fact be (sn=*) in that particular example.
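The placeholder expansion described in this section, as an added example that is not LDAPeople's own code. The names `escape_value` and `expand_filter` are hypothetical, and two behaviours are assumptions the page does not state: user input is escaped as RFC 2254 prescribes for filter values, and a placeholder for a word that was not entered expands to nothing.

```python
import re

# Characters that must be escaped inside a filter value (RFC 2254, section 4;
# unchanged in its successor RFC 4515). Without this, a search term containing
# ")" or "*" would alter the structure of the configured filter.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_value(text):
    """Escape user-supplied text for use as an LDAP filter value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in text)


def expand_filter(template, query):
    """Expand %, %0 and %1..%9 in a filter template (hypothetical helper).

    % and %0 become the whole query string, %N becomes the N-th word.
    Assumption: %N for a word that was not entered expands to "".
    """
    whole = query.strip()
    words = whole.split()

    def substitute(match):
        digit = match.group(1)
        if digit in ("", "0"):
            return escape_value(whole)
        index = int(digit) - 1
        return escape_value(words[index]) if index < len(words) else ""

    result = re.sub(r"%([0-9]?)", substitute, template)
    if not whole:
        # Wildcard search: collapse runs of asterisks, so (sn=**) -> (sn=*).
        result = re.sub(r"\*{2,}", "*", result)
    return result


if __name__ == "__main__":
    bach = "(|(|(sn=%*)(givenName=%*))(&(givenName=%1*)(sn=%2*)))"
    for term in ("Johann", "Bach", "Johann Bach", ""):
        print(repr(term), "->", expand_filter(bach, term))
    # Constructed input containing filter metacharacters stays a literal value.
    print(expand_filter("(cn=*%*)", "x)(uid=*"))
```
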

Base Filter
This is a convenience setting for those users who have to work with LDAP servers that hide the objectClass attribute. Hiding it makes it impossible to execute universally valid base-level queries, and it also violates the LDAP specification as defined in RFC 2251. Using this setting, one can work around the problem by customizing the filter used for base-level queries. (cn=*) should be a good choice for those affected.
Examples:
(objectClass=*)
(cn=*)

Scope Subtree
The search scope used to query your LDAP server. "Subtree" should be fine in most situations, but if it's not, you can also select "One Level" here.

Selection List Attributes
This parameter defines the blank-separated list of attributes to display in the result selection table of a query. The result selection table is the list that you get after a query and where you can tap on any of the results to see further details.
Examples:
givenName sn
cn

Selection List Attributes Detail
This is a whitespace-separated list of attributes that are displayed in a small grey font on the second line of each cell in the search results table. Note that values not available from the directory will be left blank.
Examples:
ou

Sizelimit Warning
Most LDAP servers have a sizelimit for the number of results a query is allowed to return. In case the sizelimit is exceeded, an LDAP client usually displays a warning. Otherwise you would not be sure if you are seeing all of the available results. Therefore, use this switch to choose whether sizelimit exceeded warnings should be displayed or not.

Attribute Mapping
The Attribute Mapping subsection of LDAPeople's settings allows you to map each of the supported iPhone / iPod touch attributes to attributes available on the LDAP server that you are working with. The left-hand side shows the supported iPhone / iPod touch attributes; on the right-hand side you can configure each corresponding LDAP attribute. If you do not know which attributes your LDAP server supports, see the FAQ.