Version: (using KDE 4.3.2) OS: Linux Installed from: Ubuntu Packages I tested kaddressbook (4.3) as front-end to manage contacts in a LDAP directory (addressbook). The server runs openldap 2.4. kaddressbook perfectly adds and deletes contacts. But it fails to modify attribute values of a contact within the LDAP directory. After changing e. g. the facsimile number of a contact, kaddressbook shows the updated number but the new number is not saved in the LDAP directory. OpenLDAP reports following failure: 'value #0 invalid per syntax'. According to other sources in the internet this is a sign for a missing objectClass. When checking further I found out that kaddressbook CAN modify contact information in the LDAP directory if following objectClasses are part of the contact entry: person, organizationalPerson, inetOrgPerson. If I add directly a contact to the LDAP directory (using ldapadd) with all mentioned objectClass values defined, kaddressbook can save the modifications to the directory. But during modification the objectClass values person and organizationalPerson disappear in the directory entry. objectClass inetOrgPerson is the only one left. It seems that kaddressbook can only handle this objectClass. As a work-around I set up an ACL (olcAccess: to attrs=objectClass value=organizationalPerson by dn="cn=admin,dc=gas,dc=de" write by dn="cn=AddrAdmin,dc=gas,dc=de" add by * read) that prohibits the addressbook admin (i. e. kaddressbook) from deleting the objectClass values person and organizationalPerson of a contact entry in LDAP. But this doesn't help. In fact, instead of modifying single attributes of a contact within the LDAP directory, kaddressbook completely deletes the contact from the LDAP directory and adds it again. But only with those LDAP attributes that kaddressbook can handle. As there are several Internet sources that recommend kaddressbook as a LDAP front-end for managing LDAP based addressbooks, this is a severe bug. kaddressbook should only be allowed to modify attribute values, but not deleting them. LDAP directories are a sensitive central network resource that are usually accessed and managed by several applications.
Created attachment 38937 [details] LDAP test contact
After checking the source code (provided by Ubuntu) I found following solutions for this bug report: 1. Missing objectClasses This problem can be easily solved. By default kaddressbook supports only inetPerson as objectClass for its contacts. But in the preference dialog for the LDAP addressbook there is an attribute mapping button. Once it's pressed a mapping dialog pops up which has an entry object classes. Just add the missing objectClasses with comma separation. The final entry should look as follows: person,organizationalPerson,inetOrgPerson 2. Attribute Modification fails This problem still occurs after having applied the solution for problem 1. But this is not a bug of kaddressbook. It's a bug of kdepimlibs which kaddressbook uses. 3. Complete deletion and add of contacts in case of modification This problem cannot be confirmed. Maybe my ACLs where not correctly set up. After checking the LDAP protocol between kaddressbook and my LDAP server and the kdepimlibs source code, it seems that kaddressbook only modifies the attributes using the 'replace' operation. I will set this bug report to 'resolved' and open a new for kdepim.