Chapter 6 Accessing StarOffice User Profiles on an LDAP Server
This chapter describes how StarOffice can access user profile settings on
an LDAP server.
Manually Configuring StarOffice to Access User Profiles on an LDAP Server
StarOffice can use an LDAP User Profile Back End to access user profiles, such as first name,
last name, and address, on an LDAP server. As a result, you do not need to manually
enter user profiles when you install StarOffice on a network.
Tip –
In an enterprise deployment, you can use the Java Desktop System Configuration Manager to manage user profiles
for StarOffice. See the Java Desktop System Configuration Manager Release
1.1 Administration Guide at http://docs.sun.com/app/docs for details.
To retrieve user profiles for StarOffice from an LDAP repository, you need
to provide the LDAP User Profile Back End with the following information:
The following sections describe this process.
Configuring StarOffice to Retrieve User Profiles From an LDAP Repository
You can specify the settings for the LDAP User Profile Back End in LDAP.xcu,
an XML file, so that StarOffice can retrieve user profiles from an LDAP repository. StarOffice loads
these settings during startup. The structure of the LDAP.xcu file
is defined by the configuration schema for the org.openoffice.LDAP component.
The schema is located in <install>/share/registry/schema/org/openoffice/LDAP.xcs.
To Configure StarOffice to Access User Profiles From an LDAP Repository
Steps
- In a text editor, create an XML configuration file with the name LDAP.xcu.
Note –
You can find a sample LDAP.xcu at <StarOffice installation>/share/registry/data/org/openoffice/LDAP.xcu.sample
The following is the structure of the LDAP.xcu.sample file:
<oor:component-data oor:name="LDAP" oor:package="org.openoffice"
    xmlns:oor="http://openoffice.org/2001/registry"
    xmlns:xs="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <node oor:name="UserDirectory">
    <node oor:name="ServerDefinition">
      <prop oor:name="Server" oor:type="xs:string">
        <value>ldapserver.mycorp.com</value>
      </prop>
      <prop oor:name="BaseDN" oor:type="xs:string">
        <value>dc=mycorp,dc=com</value>
      </prop>
      <prop oor:name="Port" oor:type="xs:int">
        <value>389</value>
      </prop>
    </node>
    <!-- The following settings should be omitted,
         if anonymous access is possible
    <prop oor:name="SearchUser" oor:type="xs:string">
      <value>MyUserLogin</value></prop>
    <prop oor:name="SearchPassword" oor:type="xs:string">
      <value>MyPassword</value></prop>
    -->
    <prop oor:name="UserObjectClass" oor:type="xs:string">
      <value>inetorgperson</value>
    </prop>
    <prop oor:name="UserUniqueAttribute" oor:type="xs:string">
      <value>uid</value>
    </prop>
    <prop oor:name="Mapping" oor:type="xs:string">
      <value>oo-ldap</value>
    </prop>
  </node>
</oor:component-data>
Server
    Host name of the LDAP Server
BaseDN
    Root entry of the enterprise directory
Port
    Port number of the LDAP Server
    The default port number is 389.
SearchUser
    Distinguished Name (DN) of an existing user with read-only access
    to the LDAP repository
    Note –
    This setting is only required if anonymous access is not supported by
    the LDAP server.
SearchPassword
    Password of SearchUser
    Note –
    This setting is only required if anonymous access is not supported by
    the LDAP server.
UserObjectClass
    Object class that identifies user entities
    For example, the user entity for a Sun Java™ System Directory
    Server Enterprise Edition is inetOrgPerson. To find the DN of a
    user, you need to use this entity in conjunction with the UserUniqueAttribute attribute.
UserUniqueAttribute
    Attribute that identifies user entities.
    For example, the UserUniqueAttribute for an LDAP repository
    that is on a Sun Directory server is uid. To find the DN of a user,
    you need to use this attribute in conjunction with the UserObjectClass.
    The server compares the value of this attribute to the login user name for the operating
    system.
Mapping
    String that indicates a named mapping file, that is, $(Mapping)-attr.map.
    For example, if the LDAP repository is a Sun Directory server, the mapping entry
    is oo-ldap. This entry tells the LDAP User Profile Back End to use oo-ldap-attr.map
    as the mapping file. Alternatively, if the LDAP repository is an Active
    Directory, the Mapping entry is oo-ad-ldap. This entry tells the LDAP User Profile Back End to
    use oo-ad-ldap-attr.map as the mapping file.
- Replace the value placeholders in the LDAP.xcu file
with the mandatory settings for your LDAP server.
- Copy the LDAP.xcu file to the <StarOffice installation>/share/registry/data/org/openoffice/ directory.
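The following check is an added example, not part of the StarOffice documentation or product: it parses an LDAP.xcu with the structure shown above and reports settings worth reviewing before the file is copied to the shared installation directory. The set of settings treated as required and the wording of the findings are assumptions made for this example; the sample document is constructed from the page's placeholder values with SearchUser and SearchPassword uncommented.

```python
import xml.etree.ElementTree as ET

OOR = "{http://openoffice.org/2001/registry}"

# Constructed sample: the page's LDAP.xcu structure with the SearchUser and
# SearchPassword props uncommented (values are the page's placeholders).
SAMPLE_XCU = """<oor:component-data oor:name="LDAP" oor:package="org.openoffice"
 xmlns:oor="http://openoffice.org/2001/registry"
 xmlns:xs="http://www.w3.org/2001/XMLSchema">
 <node oor:name="UserDirectory">
  <node oor:name="ServerDefinition">
   <prop oor:name="Server" oor:type="xs:string"><value>ldapserver.mycorp.com</value></prop>
   <prop oor:name="BaseDN" oor:type="xs:string"><value>dc=mycorp,dc=com</value></prop>
   <prop oor:name="Port" oor:type="xs:int"><value>389</value></prop>
  </node>
  <prop oor:name="SearchUser" oor:type="xs:string"><value>MyUserLogin</value></prop>
  <prop oor:name="SearchPassword" oor:type="xs:string"><value>MyPassword</value></prop>
  <prop oor:name="UserObjectClass" oor:type="xs:string"><value>inetorgperson</value></prop>
  <prop oor:name="UserUniqueAttribute" oor:type="xs:string"><value>uid</value></prop>
  <prop oor:name="Mapping" oor:type="xs:string"><value>oo-ldap</value></prop>
 </node>
</oor:component-data>"""

def read_props(xcu_text):
    """Return {prop name: value text} for every <prop> in an LDAP.xcu document."""
    root = ET.fromstring(xcu_text)
    return {p.get(OOR + "name"): (p.findtext("value") or "").strip()
            for p in root.iter("prop")}

def audit(xcu_text):
    """Return review findings for the settings the page describes."""
    props, findings = read_props(xcu_text), []
    # Assumption: these five settings are the ones that must always be present.
    for name in ("Server", "BaseDN", "UserObjectClass", "UserUniqueAttribute", "Mapping"):
        if not props.get(name):
            findings.append(f"missing setting: {name}")
    if props.get("Port", "389") == "389":
        findings.append("Port 389 is the plain LDAP port: traffic is unencrypted unless TLS is negotiated")
    if props.get("SearchPassword"):
        findings.append("SearchPassword is stored in clear text under the shared installation directory")
    if bool(props.get("SearchUser")) != bool(props.get("SearchPassword")):
        findings.append("SearchUser and SearchPassword must be set together")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_XCU):
        print(finding)
```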
Mapping LDAP User Profiles
By default, a StarOffice installation includes two meta-configuration mapping
files that map StarOffice user profile attributes to LDAP attributes. The LDAP User Profile Back End uses
the <StarOffice installation>/share/registry/ldap/oo-ldap-attr.map mapping file for a Sun Java™ System Directory Server
and the <StarOffice installation>/share/registry/ldap/oo-ad-ldap-attr.map mapping file for a Windows Active Directory Server. The Mapping entry
in the LDAP.xcu file indicates which mapping file to use, for example, oo-ldap indicates the oo-ldap-attr.map file.
Note –
If you want to change the location of the mapping files, edit the CFG_LdapMappingUrl entry in the <StarOffice installation>/program/configmgrrc file to point to the new location of
the file. In Windows, this entry is in the <StarOffice installation>/program/configmgr.ini file.
If you want, you can also create a custom user profile mapping file for an alternative
LDAP server.
To Create a Custom User Profile Mapping File
Steps
- In a text editor, create a text file with the name oo-<ldap server type>-attr.map.
Tip –
Edit a copy of an existing mapping file, for example, <StarOffice installation>/share/registry/ldap/oo-ldap-attr.map.
- Enter the mapping information.
Each line in the file must have the following format:
<User Profile Attribute>=<LDAP Attribute 1>,<LDAP Attribute 2>,...,<LDAP Attribute N>
Note –
You can only map user profile attributes that are present in the StarOffice configuration
schema. The file name path for this schema is <StarOffice installation>/share/registry/schema/org/openoffice/UserProfile.xcs. You
can edit the list of corresponding LDAP attributes to show which attributes in the
user entries hold the personal data. The LDAP server queries the LDAP attributes in
the order that the attributes appear in the list.
The following is a commented version of the oo-ldap-attr.map mapping
file for the Sun Java System Directory Server:
# inetOrgPerson.givenName
org.openoffice.UserProfile/Data/givenname = givenName
# person.sn (surname)
org.openoffice.UserProfile/Data/sn = sn
# inetOrgPerson.initials
org.openoffice.UserProfile/Data/initials = initials
# organizationalPerson.street
org.openoffice.UserProfile/Data/street = street,postalAddress,streetAddress
# organizationalPerson.l (city)
org.openoffice.UserProfile/Data/l = l
# organizationalPerson.st (state)
org.openoffice.UserProfile/Data/st =
# organizationalPerson.postalCode (zip code)
org.openoffice.UserProfile/Data/postalcode = postalCode
# country.c (country)
org.openoffice.UserProfile/Data/c =c
# organizationalPerson.o (company/organization)
org.openoffice.UserProfile/Data/o = o,ou
# deprecated -- no LDAP corollary
org.openoffice.UserProfile/Data/position =
# organizationalPerson.title
org.openoffice.UserProfile/Data/title = title
# inetOrgPerson.homePhone
org.openoffice.UserProfile/Data/homephone = homePhone
# organizationalPerson.telephoneNumber (business phone)
org.openoffice.UserProfile/Data/telephonenumber = telephoneNumber
# organizationalPerson.facsimileTelephoneNumber
org.openoffice.UserProfile/Data/facsimiletelephonenumber = facsimileTelephoneNumber,otherFacsimileTelephoneNumber
# inetOrgPerson.mail (e-mail address)
org.openoffice.UserProfile/Data/mail = mail
- Copy the mapping file to the <StarOffice installation>/share/registry/ldap/ directory.
Note –
You need administrator rights to copy the mapping file to this directory
on a network installation.
- In a text editor, open the <StarOffice installation>/share/registry/data/org/openoffice/LDAP.xcu file.
- Change the value of the Mapping property to the string
that appears before the -attr.map in the name of the mapping
file.
For example, the value of the Mapping property
for the file oo-ldap-ad-attr.map is oo-ldap-ad.
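The following validator for a custom mapping file is an added example, not StarOffice code: it parses the one-entry-per-line format described in the procedure above, rejects lines that do not fit it (for example an entry wrapped onto a second line), and shows how an ordered attribute list resolves against a directory entry. It assumes that the first listed LDAP attribute with a value is the one used, that every key carries the org.openoffice.UserProfile/Data/ prefix seen in the sample file, and that lines starting with # are comments; the sample map and directory entry are constructed.

```python
# Constructed sample in the page's format: a comment line, an empty mapping,
# and ordered lists of fallback LDAP attributes.
SAMPLE_MAP = """\
# inetOrgPerson.givenName
org.openoffice.UserProfile/Data/givenname = givenName
org.openoffice.UserProfile/Data/street = street,postalAddress,streetAddress
org.openoffice.UserProfile/Data/st =
org.openoffice.UserProfile/Data/c =c
org.openoffice.UserProfile/Data/o = o,ou
"""

PREFIX = "org.openoffice.UserProfile/Data/"  # assumption: taken from the sample file

def parse_map(text):
    """Parse '<User Profile Attribute>=<LDAP Attribute 1>,...' lines.

    Returns {profile attribute: [LDAP attributes in listed order]} and raises
    ValueError with the line number for anything that does not fit the format.
    """
    mapping = {}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key, sep, rhs = line.partition("=")
        key = key.strip()
        if not sep or not key.startswith(PREFIX) or key in mapping:
            raise ValueError(f"line {lineno}: malformed or duplicate entry: {raw!r}")
        mapping[key] = [a.strip() for a in rhs.split(",") if a.strip()]
    return mapping

def resolve_profile(mapping, entry):
    """Pick, per profile attribute, the first listed LDAP attribute with a value."""
    profile = {}
    for key, ldap_attrs in mapping.items():
        for attr in ldap_attrs:
            # LDAP attribute names are case-insensitive.
            value = next((v for k, v in entry.items() if k.lower() == attr.lower() and v), None)
            if value:
                profile[key[len(PREFIX):]] = value
                break
    return profile

if __name__ == "__main__":
    entry = {"givenName": "Ada", "postalAddress": "1 Main St", "ou": "Eng"}  # constructed
    print(resolve_profile(parse_map(SAMPLE_MAP), entry))
```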