Connector for Outlook: Updated Technical Note

The technical note titled "Configuring Calendar Server for Connector for Microsoft Outlook" has been re-released to include new information about limiting directory browsing. The document is available at the following location:

http://docs.sun.com/app/docs/doc/819-5200/

The following information was added to the section titled Configuring Shared Calendar LDAP Lookup:

The above ACI may pose a security issue if restricted user information is stored in certain attributes, for example, dn, givenName, sn, uid, or mail. To restrict the browsing of the directory to only people making the queries from a specific Calendar Server, change the above ACI to something like:

aci:(targetattr="icscalendar || cn || givenName || sn || uid || mail") (targetfilter=(|(objectClass=icscalendaruser)(objectclass=icscalendarresource))) (version 3.0; acl "Allow calendar users to read and search other users - product=ics,class=admin,num=3,version=1"; allow (search,read) (ip="192.200.2.82,127.0.0.1,192.200.2.81")and (userdn="ladp:///uid=\*,ou=People,o=sesta.com,o=usergroup");)

The IP addresses listed in the above ACI example (192.200.2.82, 127.0.0.1, and 192.200.2.81) are the IP addresses from which the Calendar Server makes the queries.

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About

Reporting about Unified Communications Suite Documentation, including news, Comms 101, documentation updates, and tips and tricks.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today