Directory Service

Introduction

This is a web application for searching people in an LDAP Directory. It is mostly suited for academic institutions that have implemented eduPerson schema per Educause and Internet2. However, this is not a requirement; only features such as browsing of an Organizational Tree will be missed.

It was written for the needs of the National & Kapodistrian University of Athens, but can easily be adapted for organizations or companies, especially if the eduPerson schema is involved.

The Directory Service application can work in both standalone mode and inside Squirrelmail, as a plugin.

The code can be considered beta. Everything is not yet 100% complete. See the TODO List.

Features

• Squirrelmail 1.4.x compatibility, guidelines compatible.
• A page that displays information about an organizational unit.
• A page that displays a user's profile, with all the permitted attributes.
• Simple and Advanced Search modes.
• Browser of an organizational tree, that has been created automagically by eduOrgSuperiorUri attribute.
• Sending of vCard to browser, for browsers and/or MUAs that probably support this format.
• Supports a 'privacy' attribute, allowing attributes to be considered as private by the user and thus not shown in White Pages directories.
• Edit Profile page, that allows an other set of attributes to be edited freely.
• Administrative Helper Pages: Edit of eduOrg information helper form + Privacy Policy Helper Table, which will allow someone to make decisions for privacy matters.
• The application's LDAP Schemas, holding definitions and descriptions of the various attributes, are stored in separate files and can be extended easily.
• Supports the eduOrg and eduPerson schemas, as defined by the Internet2 Middleware, Architecture Committee, Directory Working Group (MACE-Dir).
• A tree of Organizational Units (eduOrg) is cached in the session.
• User can place a restriction filter: the result must belong to the organizational unit(s) selected by the user.
• Interacts with Squirrelmail's Compose page, in a manner similar to the one of the Squirrelmail Addressbook; that is, it has hyperlinks to add an email address to To:, Cc: and Bcc: fields in the compose window.
• Supports some kind of interoperability with the Shared Folders (useracl) plugin for Squirrelmail: can display a direct link from the directory search results, to add a share to a particular user.
• Adds an option in config.php for the maximum number of results that the LDAP server will return. If there are more than the maximum results, a nice message is being displayed.
• Localizable / i18n - enabled.
• If a localized entry exists in the LDAP and it matches the user's locale, for example: entry cn;lang-fr exists and user has French locale, it will use this entry. It first converts from LDAP's UTF8 to the charset used in Squirrelmail, using mb_string_convert() or recode() or iconv(), whichever is available.
• User can ask for many criteria to be ANDed in the search.
• Can use an administrator-supplied bind dn & password.
• uses makeComposeLink() for the mailto: hyperlinks. (Requires Squirrelmail 1.4.2)
• Can display alternate mail addresses if they exist on user's LDAP object.
• Looks really nice, with Squirrelmail colors and tables.

Authors