Hiusing form “Person” LDAP shows attributes like firstname, lastname, fullname, email, shortname.
We modified our NAB (Directory) changing the Type of some person-documents, form still is “Person”.
Searching these documents with LDAP returns firstname, lastname, fullname, shortname, but not the mail adresses.
My Question:
From where (view?) LDAP gets the mail address?
There is no mail information in the 5 $LDAP-views.
Your help will be much appreciated.
Subject: LDAP mail addresses
First I do not understand your question completely. What did you change exactly?
I will try to give you some directions to look to. I am not a complete Domino LDAP expert, but have gain some experience on this terrain the last few months for a Domino / WebSphere project.
The Domino Directory has some views which have a name starting with LDAP. As far as I know there is no direct relation between the contents of these views and the LDAP information you query with a LDAP tool.
I use a freeware LDAP tool named Softerra LDAP browser (http://www.ldapbrowser.com) to query my LDAP enabled Domino server. This tool I have used to check what you can see anonymous when you query LDAP.
I noticed that the LDAP mail attribute is “mail” and not “email”. The LDAP mail attribute maps to the Domino attribute “InternetAddress” on the person document. Check the Domino LDAP schema database(schema.nsf) on your Domino server for all mappings.
This schema database is responsible for the LDAP results. Because you have modified the Domino Directory it is possible the schema doesn’t reflect your current environment. You can try to update the schema by entering the following command on the server console: “tell ldap reloadschema”.
Before you do this check also the Admin 6 helpfile for more information about LDAP. Look in the contents view for “Directory Services” and check “The LDAP Service” and “LDAP Schema” categories.
Subject: RE: LDAP mail addresses
HiThank you very much for your reply, you are right: mail attribute is “Mail”. But are you sure LDAP takes the attribute directly from the person document not from a view (means not the ldap views) like $Users or ???
I am using WS_Ping ProPack as LDAP tool, that shows me all persons which have a “MailAddress” and with Type “Person”, although InternetAddress is empty !! Thats what I don’t understand. Persons with Type “OtherType” don’t show up. Form is “Person” in either case.
Subject: RE: LDAP mail addresses
I guess these hidden LDAP views are filters to which information can be queried by LDAP. The attributes per information type (like person, group, etc.) are defined by the schema as far as I know.
The view selection formula of ($LDAPG)and ($LDAPS) do a selection on "SELECT Type = “Person”:“AltLanguagePersonalInfo”. If you modified the type of the person in the field Type to “OtherType” it will not show up in these views. Modify the view selection formula of these views by adding your “OtherType” to them and check again if they will appear in your LDAP tool.
Subject: RE: LDAP mail addresses
I already modified all type-dependacies in the LDAP views ($LDAPS, $LDAPG, $LDAPHier, $LDAPRDNHier and $LDAPCN).
And I can see the documents with different Type from my external ldap-tool, but not their MailAddress. There must be a solution because I already had it - urrgggss
Subject: RE: LDAP mail addresses
I am trying to reproduce your problem in my Domino/LDAP test environment.
I created a person document in my Domino Directory named “CN=LDAP Test/O=TestDomain” with as mail system “Other Internet E-mail”. I filled the internet address field with an e-mailaddress like “ldaptest@sometestdomain.com”. When I look in my LDAP tool I see this entry and see the e-mail address in the mail entry. The person doc belongs to the object classes: dominoPerson, inetorgPerson, organizationalPerson, person & top.
When I changed the value of the field “Type” to the value “OtherType” as you described the only change I notice is that the object classes change (and the document is not shown in the person view in the Notes client). Only one class is left and is named “OtherType”. I can still see the mail entry with the e-mail address in it. I also didn’t have to change any view settings for this.
I also have filled in a forwarding address. When I was testing this I noticed the following when examining the data with my LDAP tool:
The LDAP field “mail” matches to the Notes field “InternetAddress” which is on the person form the “internet address”
The LDAP field “mailaddress” matches to the Notes field “MailAddress” which is on the person form the “forwarding address”
When you have no value in the forwarding address field you will not have a entry called mailaddress when you query LDAP. Are you not mixing up the “internetaddress” and “forwarding address” fields?
Subject: RE: LDAP mail addresses
HiI downloaded the ldap tool you have recommended and now I can see more -
Thank you very much for all efforts.
I can see the MailAddress now 
The “OtherType”-Docs are listed wih their object class, but I can only see the first portion of all documents?
And there are some errors concerning invalid “dn” - a result from fullname containing “+” ? There are some operation errors too, i will find out…
Subject: RE: LDAP mail addresses
About your remark of the first portion of all documents. I assume you mean that you use the tool and you see only see the first for example 1000 entries of your Domino Directory. This is the result of the default count limit. Check the properties of your profile in the tool. On the LDAP settings tab you can increase the number to see more documents.
From my own experiences with LDAP I want to remark that if you add a new entry to your Domino Directory the entry don’t appear always before the Full-text index / view indexes are updated. Also changes or deletions sometimes are not seen before the indexes are updated.
The “+”, and a lot more characters, can generate problems for SSO (Single Sign On) with WebSphere and to log on to Domino databases via the web interface. I have not tested this with LDAP yet but I can imagine these characters will give problems to LDAP also. I added a “+” to one of my test users in the fullname field for a quick check and the entry appeared as “CN=Test+Person LDAP/O=TestDomain” instead of “Test+Person LDAP/TestDomain”. Strange behaviour but I had no problems when viewing this entry with the LDAP tool.
I have tested for SSO a lot of special characters. The following were tested and gave trouble (to Domino or WebSphere):
; , / < > " @ ( ) = $ % * \ : ? á à ä â ã é è ë ê ó ò ö ô õ í ì ï î ú ù ü û ç €
Also the capital versions of these characters gave trouble. Maybe there are more characters which will not work but these I know for sure. Maybe some will give also trouble to LDAP.
Subject: LDAP and MailGate Spam appliance
I was having problem with the MailGate, error message "alias consolidation failed: Couldn’t connect to LDAP"I refreshed the design for names.nsf, then “tell ldap reloadschema” then I rerun the LDAP setup in the MailGate n it worked!
thanks Anti for the tip on “tell ldap reloadschema”