YoLinux Tutorial: aWebDap V1.7 - Web front-end to LDAP

aWebDap is a CGI executable which provides a friendly web front-end to an LDAP database for users and administrators. The aWebDap system is comprised of three files, (1) an executable which can be placed in your "/cgi-bin/" directory, (2) an HTML form to interface with the CGI, and (3) the configuration file /etc/awebdap.conf. The power and flexibility of aWebDap comes from the configuration file which presents many options to the user from a fully featured web pressentation for web browsers and a low weight pressentation for PDA and cell phone web access. Version 1.7 also now supports https secure connections.

Contents:

• Try the online demo (Comes with download)
  Use with your cell phone or with WebTV
• aWebDap Download and Installation - Free version has no time limit and is fully functional. It will not display a custom graphic logo.
• The aWebDap web interface and usage
• HTML form configuration for use with aWebDap
• aWebDap configuration file /etc/awebdap.conf
• More HTML form examples for use with the sample awebdap.conf file

Installation of aWebDap V1.7:

1. Download free version: (Version 1.7: July 4 2003)
   • awebdap-demo-version-1.7-gcc3.2.2.tar.gz - GCC 3.2.2, Red Hat 8.0/9.0 (md5sum: bbfd3ef02a36f474c3175002d82ba5db)
   • awebdap-demo-version-1.7-gcc2.96.tar.gz - GCC 2.96, Red Hat 7.2 (md5sum: b781c07bd24e4852a4e6b1c9fc79da06)
   
   There are no time, functionality or distribution limitations put on the free version. The free version adds the message that it is a demo and does not have the option to place a logo at the top of the page. The purchased version also allows the user to specify the web page background color.
   (Netscape users: press and hold the "Shift" key, then select link with left mouse button to download file.)
2. Unpack: tar xzf awebdap-demo-version-1.7-gccXXX.tar.gz
   This will unload four files:
   1. aWebDap license
      Read the license.
   2. awebdap.cgi
      Move this file to your cgi directory:
      (Red Hat 7.x, 8.0 and 9.0 default: /var/www/cgi-bin/)
      The file should have world read and execute access. (chmod ugo+rx awebdap.cgi)
   3. awebdap.conf
      Move this file to the etc directory: /etc/awebdap.conf
      
   4. awebdap.html
      Move this file to a web accessible directory.
      (Red Hat default 7.x, 8.0 default: /var/www/html/awebdap.html)
3. Configure and start LDAP server example as per the YoLinux LDAP quick start example. A working LDAP server is required for this web front-end.
4. Point your browser to http://localhost/awebdap.html
   Note that the web server must be running. To start: /etc/rc.d/init.d/httpd start

The example shown here is configured to match the LDAP database described by the LDIF files and configuration presented in the YoLinux LDAP quick start example.

System requirements:

• OpenLDAP 2.0
• A CGI enabled web server (i.e. Red Hat default Apache version 1 or 2)

Tested with:

• Red Hat 7.1 - 9.0
• OpenLDAP 2.0:
  • openldap-2.0.XX
  • openldap-clients-2.0.XX
  • openldap-servers-2.0.XX
  • openldap-devel-2.0.XX

Verify that the appropriate modules are installed with the command:

rpm -q openldap openldap-clients openldap-servers openldap-devel httpd
for Red Hat 8.0/9.0 OR for Red Hat 7.1/7.2
rpm -q openldap openldap-clients openldap-servers openldap-devel apache

Note: For non Red Hat Linux, aWebDap is compiled with gcc version 2.96 and 3.2.2 and should be compatable with later releases.

[Potential Pitfall]: System misconfiguration can cause aWebDap to crawl to intolerably slow speeds. Your server must be self aware. Add a line in /etc/hosts for the servers IP address:

    127.0.0.1           node-name localhost.localdomain localhost
    XXX.XXX.XXX.XXX     node-name

Working examples are shown below, not screen shots.

Stooges Family Directory Phone Book and Contact Database Name contains: Lives in the city of: Postal code begins with: Lives in the state of:

Press the "Submit" button to try the aWebDap online demo.

Results from database search: Person (LDAP URL) E-Mail Address Home Phone Work Phone More Info Modify VCard Anderson, Larry LAnderson@isp.com 800-555-1313 (800)555-1212 Display Modify VCard Anderson, Moe MAnderson@isp.com 800-555-1313 none Display Modify VCard Anderson, Curley CAnderson@isp.com 800-555-1313 none Display Modify VCard Number of matches:3

Note on cgi generated links: AWebDap will use the CGI environment to determine the port number used for the "Display", "Modify" and "VCard" links. By default web servers are configured for port 80 and thus no port is specified. If a port other than 80 is used by the web server, aWebDap will detect this and specify the alternate port. If aWebDap detects that the port is a usable service as defined by the file /etc/services, then the service prefix is used. If no existing service is defined in the file /etc/services, the service will be specified as "http://", the server name and then the port number (":number").
Examples:

• Default use of port 80: http://your-domain.com/cgi-bin/awebdap.cgi...
• Use of an unspecified port: http://your-domain.com:9090/cgi-bin/awebdap.cgi...
• Use of port 443 specified in /etc/services then: https://your-domain.com/cgi-bin/awebdap.cgi...

Stooges: Database Information Curley Anderson E-Mail Address: CAnderson@isp.com Home Phone: 800-555-1313 Work Phone: Mobile Phone: 800-555-1318 Street Address: 16 Cherry St. Locality/City: Dallas State/Province: TX Postal Code: 76888

Stooges: Modify database entry Larry Anderson E-Mail Address: Home Phone: Work Phone: Mobile Phone: Street Address: Locality/City: State/Province: Postal Code: Password:

HTML Form Source to interface with aWebDap cgi:

<HTML>
<HEAD>
<TITLE>Stooges Family Directory</TITLE>
</HEAD>
<BODY bgcolor="#ffffff" text="#000000">
<P>
<HR width=65%>
<P>
<CENTER>
   <H1>Stooges Family Directory</H1>
</CENTER>
<P>
<HR width=65%>
<P>
<H3>Phone Book and Contact Database</H3>
<P>
<form method="post" action="http://localhost/cgi-bin/awebdap.cgi">
 <select name="selectoption">
   <option value="personname">Name contains:
   <option value="residentofl">Lives in the city of:
   <option value="residentofpostalcode">Postal code begins with:
   <option value="residentofstate">Lives in the state of:
 </select>
 <input type="hidden" name="type" value="query">
 <input type="hidden" name="awebdapdomain" value="DOMAIN1">
 <input type="TEXT" name="searchfor" value="*">
 <input type="submit" value="Submit">
</form>
<P>
</BODY>
</HTML>

Note:

• The four "option value" parameters match the awebdap.conf field argument 6.
• The "awebdapdomain" value "DOMAIN1" matches the domain listed for the "START" parameter in awebdap.conf.
• All web pages hereafter are generated by the awebdap.cgi and do not require the manual creation of more HTML forms.
• If using https or non-standard port make sure that you reference that in the html form "action" reference.

AWebDap configuration file directives: (Case sensitive)

Directive	Description	Default
START	Give name assigned to configuration file segment. (required)
OrgName	Organization name to match the LDAP attribute "o". (required)
OrgLogo	Active only in licensed version. Image file referenced in web page.
BackgroundColor	Active only in licensed version. Set HTML background color for the web interface. (V1.7)	"#d0d0d0"
TextColor	Set HTML text color for the web interface.	"#000000" (black)(V1.7)
LinkColor	Set HTML hyperlink text color for the web interface. (V1.3)	"#0000ff" (blue)(V1.7)
VLinkColor	Set HTML visited hyperlink text color for the web interface. (V1.7)	"#000080" (navy)
PageType	Output Page Type: HtmlExtra: Indenting, table borders and table cell padding. HtmlBasic: Used for small displays. (i.e. phones) Eliminates "Extra" indenting, table borders and table cell padding. It is best to use separate configurations for Cell phones and desktop computers. Also limit display items for PDA's. (V1.7)	HtmlExtra
UrlReturnLink	Display URL hyperlink at bottom of page. Typically used to return to search page. Also many cell phones do not have a "back" button and require this link. Specify relative URL from "DocumentRoot" directory. The network service (i.e. http) and server name are determined from other aWebDap directives (WebServer,WebServerPort). Link text displayed will be "Return". (V1.7)
OutputEmailCutPaste	Output link to search results as a cut and paste list of names and email addresses which can be pasted directly into an email client. Not used at this time. (V1.8 ??)	F(alse)
TechContact	Email address of technical contact. Displayed as the webmaster in error messages. (required)
VcardOrgName	Organization name displayed in VCARD
WebServer	Specify node name or IP address for Apache host. Note that the loopback address (127.0.0.1) will only work for running the demo on your desktop. Use the network resolvable node name or IP address of the computer used. For (Apache) web servers utilizing virtual hosts (using Apache directive "VirtualHost"), the host name must be used. (V1.7)	Default host name retrieved from CGI environment. If undeterminable it will be set to 127.0.0.1
WebServerPort	Specify port number to be used for hyperlinks if different than that used to access the aWebDap cgi. Defaults to port used to initially access aWebDap cgi. Rarely used. Https or any defined port wil be automatically recognized and used. (V1.7)	Default port number retrieved from CGI environment. Default port is the port used to access awebdap. If it is a defined service in the file /etc/services, the service name is used in the link. Specify nothing or an integer.
CgiBinPath	Specify CGI relative path as viewed by client. Typically cgi-bin/ (Note use of terminating "/") If no path is specified then it is assumed that the apache "DocumentRoot" directory is used for CGI (unlikely so please specify). (required) (V1.7)	cgi-bin/
LdapServer	Specify node name or IP address for LDAP host. Note that the loopback address (127.0.0.1) will only work for running the demo on your desktop. Use the network resolvable node name or IP address of the computer used.	127.0.0.1
LdapPort	Option to specify a non regular LDAP port. This will break the ldap URL (if used) which relies on the prefix "ldap://" and a default port assignment. (V1.7)	389
SearchBase	LDAP search base used for queries "o=orgname" (V1.2 now requires entire LDAP definition) (required) V1.7 Appended to the DN defined by "DefineAddDn". (Does not affect "AddAttribute" entries. Each must be individually defined.)
AddFilter	LDAP filter string to add using AND logic. This entry is added to the LDAP search filter. (i.e. (&(objectclass=inetOrgPerson)(...)) ) If NULL, it is ignored. (V1.5)	NULL
IgnoreType	LDAP Object type to ignore. This LDAP object type is ignored during search. (i.e. organizationalRole) (advisable but not required) (V1.5)	NULL
UpdateDnInput	T/F (V1.4) If "T" then LDAP bind "DN" input entry box is generated on the HTML update/modify form. The input entry given is combined with the SearchBase directive to construct the LDAP DN. (i.e. cn=input-user-id,SearchBase User enters only the input-user-id) If "F" then bind DN specified by BindDn directive is used for update/modify.	F(alse)
UpdateDefaultDisplayDn	T/F Useful only if directive UpdateDnInput is "T". (V1.4) If "T" then LDAP bind "DN" entry box on the HTML update/modify form is pre-filled with the text specified by the directive DefaultDisplayDn. If "F" then HTML entry box for user ID/bind DN is blank.	T(rue)
DefaultDisplayDn	(V1.4) Useful only if directive UpdateDefaultDisplayDn is "T". This value is combined with the SearchBase directive to construct the LDAP DN. (i.e. cn=DefaultDisplayDn,SearchBase)
BindDn	(i.e. cn=admin,o=orgname) LDAP bind "dn" (Distinguished name) for database connection, access and management. The actual LDAP DN is given. It is used as-is and not constructed into another form.
UpdatePassword	T/F (V1.4) If "T" then password entry box is generated on the HTML update/modify form and a password is required for LDAP update. If "F" then specify password to be used is given using the directive BindPw.	T(rue)
BindPw	(V1.4) This sets a default LDAP bind password so no password is needed for updates.
ReadPassword	T/F Used for non-anonymous/anonymous LDAP read.(V1.4) The LDAP database security is not defined here. This is just the information on the method of LDAP access for aWebDap. If "T" then Password required for read. Define bind info with the ReadBindDn and ReadBindPw directives. If "F" then an anonymous bind is performed to read the LDAP database.	F(alse)
ReadBindDn	LDAP bind "dn" to use for non-anonymous read. (V1.4) ReadPassword must be "T"
ReadBindPw	Password to use for LDAP bind for non-anonymous read. (V1.4) ReadPassword must be "T"
SortResultsBy	Search results sorted by LDAP attribute specified.	cn
InfoDisplayName	Define LDAP attribute name to be displayed at top of "Info" page. i.e. "displayname", "uid", "cn",... or use the aWebDap option "default". The LDAP attribute must also be defined with the "field" directive. If not specified, it will not be obtained from LDAP and thus not able to be displayed. (V1.7)	Default option: "default" (or NULL) (Default will concatenate "givenname sn")
InfoDisplayNickName	NickName displayed at top of "Info" page. i.e. John "The Dude" Johnson. Option only available if InfoDisplayName uses "default" and LDAP attribute "xmozillanickname" is not empty. The attribute "xmozillanickname" must also be defined with a "field" directive. Note that "xmozillanickname" is not defined in the default inetOrgPerson schema but must be defined in a new extended schema. (V1.7)	F(alse) (If T(rue), concatenate "givenname xmozillanickname sn")
AllowURLAccess	T/F (True/False) Generate hyperlink which is an LDAP URL. This interfaces well with the address book in MS/Outlook. This feature is only useful if anonymous read access is allowed.	T(rue)
DisplayVcard	T/F Generate and display column and hyperlink to a VCARD for search results.	T(rue)
UpdateModify	T/F Generate and display column and hyperlink for database information modification.	T(rue)
UpdateModifyTrigger	T/F Write update info to a file and execute script. If "T" then you must specify UpdateModifyTriggerScript. If data file (UpdateModifyTriggerData) is specified, then data file is used as a command line argument to the script. (V1.3)	F(alse)
UpdateModifyTriggerScript	File name (full path) of script to execute. Script executed after LDAP update. (V1.3) UpdateModifyTrigger must be "T".
UpdateModifyTriggerData	File name (full path) of data file generated by aWebDap from update/modify form data. This is a CSV file of the HTML form data. Data is written in the same order as field definitions in configuration file. (V1.3) UpdateModifyTrigger must be "T".
DisplayFullInfoLink	T/F Generate and display column and hyperlink for database information display. (V1.7 has spelling change)	T(rue)
DeleteEntry	T/F Generate and display column and hyperlink for the deletion of a database entry.	F(alse)
AddRuleMIperiod	T/F LDAP db additions only. Add a period to middle initials if that field is populated by a single letter. Applies to LDAP attribute middlename only. Note that this may have to be added to your Object schema before it can be used. This will be applied to the construction of the DN and CN with the directives DefineAddDn and DefineAddCn. (V1.3)	F(alse)
DefineAddDn	Define the attributes used to construct the DN used for LDAP directory additions. Multiple statements allowed and probably required. Required for LDAP additions. i.e. dn: cn=Moe Anderson,ou=MemberGroupA,o=stooges. If "SearchBase" is ",o=stooges" then define the DN as constructed from the attributes cn, ou and by default the "SearchBase" will be appended. (V1.7)
DefineAddCn	Define the attributes used to construct the CN. Multiple statements allowed. Required for LDAP additions. (V1.7)
ObjectClass	Used to describe LDAP schema for entry addition to the directory. Multiple statements allowed. At least four "objectClass" statements required for inetOrgPerson definition: top, person, organizationalPerson, inetOrgPerson. (ObjectClass required for LDAP additions)
AddAttribute	Four fields used to describe LDAP schema for entry addition to the directory. Multiple statements allowed and probably required. The second field states the HTML form name for the item. The third field states the LDAP attribute defined. The fifth field states if data must be provided T/F. Each must be defined even if you feel this has been defined elsewhere. Hidden form entries can be used where the definition is known. (V1.7)
field	Attributes described in table below. Multiple field statements allowed. At least four required.

Note:

• The notation (Vx.x) refers to the version of aWebDap which introduces the directive. The directive will then apply to all versions thereafter.
• All directives have two fields except "AddAttribute" which has 4 and search/display directive, "field" which has 13.

The field directive: This defines the aWebDap properties for the LDAP attribute for aWebDap search and display.

The first four aWebDap field statements must be ordered and stated in the following order:

1. cn - common name
2. displayname
3. sn - Surename
4. givenname - First name

Support for these four fields is hard coded within aWebDap.

Field directive arguments: field:argument 1:argument 2:argument 3:...:argument 13:

Argument Number	Values	Description
1	field	The aWebDap keyword field
2	LDAP attribute	LDAP attribute name as defined by the LDAP schema.
3	T/F	True/False: Prefix the search query filter with a "*"
4	T/F	True/False: Postfix the search query filter with a "*"
5	Display name	The display name of the LDAP attribute as presented by aWebDap on the web page.
6	HTML form name	This is the "option value" for the selection presented on the first form and used for the first LDAP directory query. This is case sensitive.
7	T/F	Display attribute in search results.
8	T/F	Display this attribute when displaying the information page.
9	T/F	Display attribute in the attribute modification form. This allows this data field to be modified.
10	integer number	The field length or "size" of the text input field on the HTML form. Set to "0" if not used.
11	integer number	The field "maxlen" value of the text input field on the HTML form. Set to "0" if not used.
12	VCARD descriptor	The VCARD descriptor for the field is placed here. If none is specified then this field is not added to the VCARD.
13	T/F	Field is written to CSV (Comma Separated Variables) trigger data file. (V 1.3)

The sample awebdap.conf file is configures to match the LDAP database described by the LDIF files and configuration presented in the YoLinux LDAP quick start example.

Note that this sample shows a configuration file supporting three web interfaces and two domains. Only the first "DOMAIN1" is needed to support the HTML form above.

program:awebdap:
version:1.7:

START:DOMAIN1: 
OrgName:Stooges:org:
PageType:HtmlExtra:
OrgLogo:/images/awebdap-logo.gif:
BackgroundColor:#ffffff:
TextColor:#000000:
OrgContact:webmaster@your-domain.com:
TechContact:webmaster@your-domain.com:
VcardOrgName:Stooges.org:
CgiBinPath:cgi-bin/:
WebServer:127.0.0.1:
LdapServer:127.0.0.1:
LdapPort:389:
SearchBase:o=stooges:
AddFilter:objectclass=inetOrgPerson:
IgnoreType:organizationalRole:
UpdateDnInput:F:
UpdateDefaultDisplayDn:T:
DefaultDisplayDn:StoogeAdmin:
BindDn:cn=StoogeAdmin,o=stooges:
ReadPassword:F:
UpdatePassword:T:
AllowURLAccess:T:
DisplayVcard:T:
UpdateModify:T:
UpdateModifyTrigger:F:
DeleteEntry:F:
DisplayFullInfoLink:T:
SortResultsBy:sn:
#field: ldap-field : Filter wildcard prefix T/F : Filter wildcard post T/F : Display-name : HTML Form name (search form)(Case sensitive. Form must match case in this config file) : Display T/F : Info-Display T/F : Modify T/F : Modify-field-length (0 if not stated) : max-length (0 if not stated) : Vcard-name
# Must have order: (Not editable! Displayed by default)
#  0) cn - common name
#  1) displayname 
#  2) sn - Surename
#  3) givenname - First name
field:cn:T:T::personname:F:F:F:0:0:fn:T:
field:displayname:F:F:Person (LDAP URL)::T:T:F:0:0:fn:F:
field:sn:F:T:::F:F:F:0:0:n:F:
field:givenname:F:T:::F:F:F:0:0:n:F:
#
# The following values may be edited, displayed etc
field:mail:F:F:E-Mail Address::T:T:T:32:50:email;internet:T:
field:homephone:F:F:Home Phone::T:T:T:14:20:tel;home:T:
field:telephonenumber:F:F:Work Phone::T:T:T:14:20:tel;work:T:
field:mobile:F:F:Mobile Phone::F:T:T:14:0:tel;cell:T:
field:postalAddress:F:F:Street Address::F:T:T:32:50:adr:T:
field:l:T:T:Locality/City:residentofl:F:T:T:20:50:+adr:T:
field:st:F:F:State/Province:residentofstate:F:T:T:4:24:+adr:T:
field:postalcode:F:T:Postal Code:residentofpostalcode:F:T:T:12:0:+adr:T:

START:ADMIN1: 
OrgName:Stooges:org:
PageType:HtmlExtra:
BackgroundColor:#d0d0d0:
TextColor:#000000:
OrgContact:webmaster@your-domain.com:
TechContact:webmaster@your-domain.com:
VcardOrgName:Stooges.org:
CgiBinPath:cgi-bin/:
WebServer:127.0.0.1:
LdapServer:127.0.0.1:
LdapPort:389:
SearchBase:o=stooges:
AddFilter:objectclass=inetOrgPerson:
IgnoreType:organizationalRole:
UpdateDnInput:F:
UpdateDefaultDisplayDn:T:
DefaultDisplayDn:StoogeAdmin:
BindDn:cn=StoogeAdmin,o=stooges:
ReadPassword:F:
UpdatePassword:T:
AllowURLAccess:T:
DisplayVcard:F:
UpdateModify:T:
UpdateModifyTrigger:F:
DeleteEntry:T:
DisplayFullInfoLink:T:
SortResultsBy:sn:
UpdateModifyTrigger:F:
AddRuleMIperiod:T:
#
DefineAddDn:cn:
DefineAddDn:ou:
DefineAddCn:givenname:
DefineAddCn:middlename:
DefineAddCn:sn:
#
ObjectClass:top:
ObjectClass:person:
ObjectClass:organizationalPerson:
ObjectClass:inetOrgPerson:
#
AddAttribute:fmsn:sn:T:
AddAttribute:fmgivenname:givenname:T:
AddAttribute:fmou:ou:T:
AddAttribute:fmst:st:F:
#
field:cn:T:T::personname:F:F:F:0:0:fn:F:
field:displayname:F:F:Person::T:T:F:0:0:fn:F:
field:sn:F:T:::F:F:F:0:0:n:F:
field:givenname:F:T:::F:F:F:0:0:n:F:
#
# The following values may be edited, displayed etc
field:mail:F:F:E-Mail Address::T:T:T:32:50:email;internet:F:
field:homephone:F:F:Home Phone::T:T:T:14:20:tel;home:F:
field:description:F:F:Spouse Name::F:T:T:14:0::F:
field:businesscategory:F:F:Company Name::T:T:T:14:40::F:
field:telephonenumber:F:F:Work Phone::T:T:T:14:20:tel;work:F:
field:mobile:F:F:Mobile Phone::F:T:T:14:0:tel;cell:F:
field:postalAddress:F:F:Street Address::F:T:T:32:50:adr:F:
field:l:T:T:Locality/City:residentofl:F:T:T:20:50:+adr:F:
field:st:F:F:State/Province:residentofstate:T:T:T:4:24:+adr:F:
field:postalcode:F:T:Postal Code:residentofpostalcode:F:T:T:12:0:+adr:F:

START:DOMAIN2: 
OrgName:Delta:org:
PageType:HtmlExtra:
BackgroundColor:#ffffff:
TextColor:#000000:
OrgContact:webmaster@Delta.org:
TechContact:webmaster@your-domain.com:
VcardOrgName:Delta.org:
CgiBinPath:cgi-bin/:
WebServer:127.0.0.1:
LdapServer:127.0.0.1:
LdapPort:389:
SearchBase:o=delta:
AddFilter:objectclass=inetOrgPerson:
IgnoreType:organizationalRole:
UpdateDnInput:F:
UpdateDefaultDisplayDn:T:
DefaultDisplayDn:DeanWormer:
BindDn:cn=DeanWormer,o=delta:
ReadPassword:F:
UpdatePassword:T:
AllowURLAccess:T:
DisplayVcard:T:
UpdateModify:T:
UpdateModifyTrigger:F:
DeleteEntry:F:
DisplayFullInfoLink:T:
SortResultsBy:sn:
field:cn:T:T::personname:F:F:F:0:0:fn:F:
field:displayname:F:F:Person::T:T:F:0:0:fn:F:
field:sn:F:T:::F:F:F:0:0:n:F:
field:givenname:F:T:::F:F:F:0:0:n:F:
#
# The following values may be edited, displayed etc
field:uid:F:F:Year:graduatingyear:T:T:F:0:0::F:
field:employeetype:F:F:Status (P,S,A,D)::F:T:T:1:0::F:
field:mail:F:F:E-Mail Address::T:T:T:32:50:email;internet:F:
field:homephone:F:F:Home Phone::T:T:T:14:20:tel;home:F:
field:telephonenumber:F:F:Work Phone::T:T:T:14:20:tel;work:F:
field:mobile:F:F:Mobile Phone::F:T:T:14:0:tel;cell:F:
field:postalAddress:F:F:Street Address::F:T:T:32:50:adr:F:
field:l:T:T:Locality/City:residentofl:F:T:T:20:50:+adr:F:
field:st:F:F:State/Province:residentofstate:F:T:T:4:24:+adr:F:
field:postalcode:F:T:Postal Code:residentofpostalcode:F:T:T:12:0:+adr:F:

Note that the ADMIN1 configuration will display an extra table field for a hyperlink to delete an entry.

Sample HTML form for ADMIN1:

<HTML>
<HEAD>
<TITLE>Administer Stooges Family Directory</TITLE>
</HEAD>
<BODY bgcolor="#ffffff" text="#000000">
    <P>
    <HR width=65%>
    <P>
    <CENTER>
       <H1>Administer Stooges Family Directory</H1>
    </CENTER>
    <P>
    <HR width=65%>
    <P>
    <form method="post" action="/cgi-bin/awebdap.cgi">
    <select name="selectoption">
       <option value="personname">Name contains:
       <option value="residentofl">Lives in the city of:
       <option value="residentofpostalcode">Postal code begins with:
       <option value="residentofstate">Lives in the state of:
    </select>
    <input type="hidden" name="type" value="query">
    <input type="hidden" name="awebdapdomain" value="ADMIN1">
    <input type="TEXT" name="searchfor">
    <input type="submit" value="Submit">
    </form>
    <P>
</BODY>
</HTML>

Note that the ADMIN1 configuration will display a an extra table field for a hyperlink to delete an entry. The VCARD column was not displayed as it does not seem like a feature that would be used by an administrator. Of course aWebDap is completely configurable to do whatever you like.

Person	E-Mail Address	Home Phone	Company Name	Work Phone	State/Province	More Info	Modify	Delete
Anderson, Larry	LAnderson@isp.com	800-555-1313	ABC Inc.	(800)555-1212	TX	Display	Modify	Delete
Anderson, Moe	MAnderson@isp.com	800-555-1313	XYZ Inc.	none	TX	Display	Modify	Delete
Anderson, Curley	CAnderson@isp.com	800-555-1313	IJK Inc.	none	TX	Display	Modify	Delete

Sample HTML form for ADMIN1 domain and LDAP entry addition:

<HTML>
<HEAD>
<TITLE>Stooges Directory</TITLE>
</HEAD>
<BODY bgcolor="#ffffff" text="#000000">
    <P>
    <HR width=65%>
    <P>
    <H3>Add an entry</H3>
<FORM method="post" action="/cgi-bin/awebdap.cgi">
<INPUT type="hidden" name="adddn" value="ADDDN">
<INPUT type="hidden" name="awebdapdomain" value="ADMIN1">
<TABLE cellspacing="2" cellpadding="2" >
<TR><TD>Last Name:</TD><TD><INPUT type="text" name="fmsn" size="32"></TD></TR>
<TR><TD>First Name:</TD><TD><INPUT type="text" name="fmgivenname" size="32"></TD></TR>
<TR><TD>Organizational Unit/Group:</TD>
<TD><SELECT name="fmou">
    <option value="MemberGroupA">MemberGroupA
    <option value="MemberGroupB">MemberGroupB
    </SELECT>
</TD></TR>
<TR><TD>State/Province:</TD><TD><INPUT type="text" name="fmst" size="2"></TD></TR>
</TABLE>
<P>
Password: <INPUT type="password" name="addpassword">  <INPUT type="submit" value="Add User Data">
</FORM>
<P>
</BODY>
</HTML>

Note:

• The "Organizational Unit" was configured as a pull-down menu because any mistake in spelling would result in a database error. The "Organizational Unit" must match an existing object definition in the LDAP database.
• Fields representing mandatory entries to generate the LDAP "dn" are presented. The LDAP "objectClass" definitions are held in the configuration file.
• The "State" field was added to show that other entries may be added to the entry creation process. If any of the other fields were entered in this form that are also supported in the configuration file, then aWebDap picks it up.

Sample HTML form for DOMAIN2:

<HTML>
<HEAD>
<TITLE>Delta House Directory</TITLE>
</HEAD>
<BODY bgcolor="#ffffff" text="#000000">
    <P>
    <HR width=65%>
    <P>
    <CENTER>
       <H1>Delta House Directory</H1>
    </CENTER>
    <P>
    <HR width=65%>
    <P>
    <H3>Phone Book and Contact Database</H3>
    <P>
    <form method="post" action="http://localhost/cgi-bin/awebdap.cgi">
    <select name="selectoption">
       <option value="graduatingyear">Graduation Year:
       <option value="personname">Name contains:
       <option value="residentofl">Lives in the city of:
       <option value="residentofstate">Lives in the state of:
    </select>
    <input type="hidden" name="type" value="query">
    <input type="hidden" name="awebdapdomain" value="DOMAIN2">
    <input type="TEXT" name="searchfor">
    <input type="submit" value="Submit">
    </form>
    <P>
</BODY>
</HTML>

The following are the VCARD directives used to describe LDAP entries:

LDAP field	VCARD directive
cn	FN
sn	N
title	TITLE
mail	EMAIL;PREF;INTERNET EMAIL;INTERNET
homePhone	TEL;VOICE;HOME TEL;HOME
telephoneNumber	TEL;WORK
mobile	TEL;CELL
facsimileTelephoneNumber	TEL;FAX;WORK
postalAddress l st postalCode	ADR;TYPE=WORK ADR
homePostalAddress	ADR;TYPE=HOME
description	NOTE
labeledURI	URL

The aWebDap directive VcardOrgName in /etc/awebdap.conf is used to define the VCARD directive org.

The following is a trigger script I use to email updates to someone who cares. The script e-mails the CSV output data file. The script could have been written to perform a SQL database update or anything you want. To invoke this feature, the following has to be set in the file: /etc/awebdap.conf

• UpdateModifyTrigger:T: Must be set to "T"
• UpdateModifyTriggerScript:/opt/bin/aWebDapTrigger.sh: Specify the full path and file name of the script to execute.
• UpdateModifyTriggerData:/tmp/aWebDap.csv: This is the file which will be opened and written to by aWebDap. The output will be in CSV (Comma Separated Variables) format.
• Each field to be written must be flagged in argument 13 as "T".

Sample shell script: /opt/bin/aWebDapTrigger.sh

#!/bin/sh
/usr/bin/metasend -b -F "Webmaster <Webmaster@domain.org>" -s "LDAP database updated" -t larry@isp.org -c curley@isp.net -e 7bit  -m "text/plain" -f /opt/etc/aWebDapTriggerGreeting.txt -n  -m "text/plain" -f $1

• Screen shots and sample aWebDap configuration for CELL phone use
• Screen shots of aWebDap and WebTV