[CalendarServer-users] Users and Groups from AD

Morgen Sagen sagen at apple.com
Thu Nov 29 10:46:18 PST 2012 

On Nov 28, 2012, at 9:17 PM, Dennison Williams <dennison.williams at gmail.com> wrote:

> I am currently trying to configure calendarserver to pull users and
> groups from Microsoft Active Directory and I am having a hard time
> figuring out the schema that is required for the mapping to the calendar
> server filed names.  The documentation
> (http://trac.calendarserver.org/wiki/ConfiguringLDAP) does not clarify
> it for me either.  Are the definitions one for one in the RFC (I have
> not read through that yet)?
> 
> For example:
> 
> <key>users</key>
>          <dict>
>            <key>rdn</key>
>            <string></string> <!-- this is included in my basdn
> specified elsewhere -->
>            <key>attr</key>  <!-- this is the calendarserver field name
> ? -->
>            <string>uid</string><!-- and this is the related field in
> the LDAP qurey results?  If so how do I find out what it is expecting
> here?  Is this a mapping to a UNIX uid? Im confused -->
>            <key>emailSuffix</key> <!-- how is this used ? -->
>            <string></string>
>            <key>filter</key>
>            <string></string> <!-- This would be the filter for
> filtering out all of the results we are not interested in right? -->
>          </dict>
> 
> Thanks for any help!
> Dennison Williams
> _______________________________________________
> calendarserver-users mailing list
> calendarserver-users at lists.macosforge.org
> http://lists.macosforge.org/mailman/listinfo/calendarserver-users


I'll start by saying I haven't heard of anyone pointing calendar server directly at Active Directory, so you'd be blazing new trails.

I just noticed the caldavd-test.plist in the open source project was a bit out of date for the LDAP section, so I just updated it with what's on http://trac.calendarserver.org/wiki/ConfiguringLDAP .  You should copy that DirectoryService section into your own plist and start from there.

Unfortunately I'm not familiar enough with the Active Directory LDAP schema to set up the mapping either.  You'd need to find out what LDAP attribute AD uses for GUIDs, and set that as the value for guidAttr in the plist.  Then for each of the 4 record types supported (users, groups, locations, and resources), set the rdn value that your AD uses, as well as fill out each "mapping" section per record type.  Each mapping section maps a calendar server concept to its LDAP equivalent.

More information about the calendarserver-users mailing list