On Feb 15, 2013, at 3:11 PM, Simo Sorce <s...@redhat.com> wrote: > On Fri, 2013-02-15 at 17:34 -0500, Dmitri Pal wrote: >> On 02/15/2013 05:12 PM, John Dennis wrote: >>> On 02/15/2013 04:54 PM, Orion Poplawski wrote: >>>> On 02/15/2013 02:34 PM, John Dennis wrote: >>>>> On 02/15/2013 04:16 PM, Orion Poplawski wrote: >>>>>> >>>>>> Hmm, that is the filter in TB for me too, but: >>>>>> >>>>>> [15/Feb/2013:11:17:21 -0700] conn=931 op=1 SRCH >>>>>> base="ou=people,dc=nwra,dc=com" scope=2 >>>>>> filter="(|(mail=*apache*)(cn=*apache*)(givenName=*apache*)(sn=*apache*))" >>>>>> >>>>>> attrs="description notes title sn sn mozillaHomeLocalityName givenName >>>>>> mozillaHomeState mail mozillaWorkUrl workurl labeledURI o company >>>>>> mozillaNickname mozillaNickname mobile cellphone carphone >>>>>> modifyTimestamp >>>>>> nsAIMid nsAIMid telephoneNumber birthyear c c mozillaHomeStreet cn cn >>>>>> postalCode zip mozillaCustom1 custom1 mozillaHomeCountryName >>>>>> homePhone st >>>>>> region mozillaCustom2 custom2 mozillaSecondEmail mozillaSecondEmail >>>>>> facsimileTelephoneNumber facsimileTelephoneNumber mozillaCustom3 >>>>>> custom3 >>>>>> mozillaUseHtmlMail mozillaUseHtmlMail mozillaHomeStreet2 birthday >>>>>> street >>>>>> street postOfficeBox mozillaCustom4 custom4 mozillaHomeUrl homeurl >>>>>> l l pager >>>>>> pagerphone ou department departmentNumber orgunit birthmonth >>>>>> mozillaWorkStreet2 mozillaHomePostalCode objectClass" >>>>>> >>>>>> is what I see in the LDAP server log >>>>>> >>>>> >>>>> I don't know, beats me as to why there is no objectclass filter >>>>> component. >>>>> Perhaps TB is smart enough to know (objectclass=*) is effectively a >>>>> no-op and >>>>> ignores it when it builds the final filter. >>>>> >>>>> What happens if you set the TB filter to (objectclass=person)? >>>>> >>>> >>>> Yup, then it adds it: >>>> >>>> >>>> filter="(&(objectClass=person)(|(mail=*apac*)(cn=*apac*)(givenName=*apac*)(sn=*apac*)))" >>>> >>>> >>> >>> O.K. I presume it's obvious the consequence of this little experiment >>> is that if we do an an RFE that results in removing the person >>> objectclass from non-human users you'll have to configure a custom >>> LDAP search filter in every client in your enterprise if you don't >>> want them to see non-human users in their search results. >>> >> Can it be managed via Puppet? > > Unlikely, thunderbird preferences are per user and stored in user > preference files, which cannot be arbitrarily overridden. >
Following URL details a deployment method that configures thunderbird for address book in AD with a custom search string. Maybe you can use it or it will inspire you as to how to accomplish your deployment. http://wpkg.org/Thunderbird#System-wide > Simo. > > -- > Simo Sorce * Red Hat, Inc * New York > > _______________________________________________ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users