LDAP Filter parameters?

[dmcushing]

I am trying to set up an external LDAP filter for GAL in Zimbra, does anyone know what the variable substitution in the filter for the search item would be?

ie. (|(cn=%s)(sn=%s))

the %s would be my search term that I am looking for, any idea what this would be for the filter in the admin? I have tried %s and it doesn't work, and I cannot find any documentation on the variables anywhere.

[KevinH]

Well if you just want to search on the e-mail address it's:

(mail=*)

This is what you'd use in Thunderbird for example to get LDAP GAL included in your auto complete address selection.

-kevin

[dmcushing]

No, I am trying to set up GAL in the Zimbra admin to access an external LDAP, that way our students can look up our faculty email addresses on another server.

[bhwang]

%s is all you need for setting up external ldap query.

Here is the filter that is actually used by Zimbra server
(&(|(cn=*%s*)(sn=*%s*)(gn=*%s*)(mail=*%s*)(zimbraM ailDeliveryAddress=*%s*)(zimbraMailAlias=*%s*)(zim braMailAddress=*%s*))(objectclass=zimbraAccount))
I have also tried the simple filter (|(cn=%s)(sn=%s)). It is working for me.

I have also hookup to an external public server www.openldap.com with base dn dc=OpenLDAP,dc=org and filter (|(cn=*%s*)(sn=*%s*)). It works fine as well

However, setting up ldap gal hookup is always tricky. There are couples of things to watch out for.

1) LDAP search base, this has to fit your external ldap server layout since every installation is a bit different.
2) Bind DN/Password, some ldap installation does not allow anonymous GAL access.

One possible issue may be cn and sn are really set up differently. It is much safer to use (|(cn=*%s*)(sn=*%s*)) instead.

[dmcushing]

That answered my question exactly - got it working perfectly now.