vCard Map Feature

This directory services synchronization feature allows administrators to define mapping of LDIF attributes to groupware ones.

The config/syncad.dat xml file includes the <VCARDMAP> element that contains mapping description. When an administrator sets directory service for some domain, this element is filled with the default mapping.

However, it is possible to edit this file manually to change the default behaviour and specify own synchronization rules. This can be done on domain basis, because the <VCARDMAP> element exists for each domain. Should the configuration parsing error occur, it is logged to the error log and default synchronization rules apply. You can revert back to the default by deleting the whole <VCARDMAP> element and saving the synchronized domain again.

The content of the <VCARDMAP> element is in versit-like format, each line contains a rule in the following form: VersitItem:LDIFAttribute. A versit for each user is created using these rules and then stored in groupware using the SetMyvCard method call. LDIFAttribute can contain either text, which is directly used, or variables. The form of variables is in general: ${VARIABLE_NAME}. In the simplest form, VARIABLE_NAME just equals to LDIF name, so it can be for example: ${title} or ${wwwhomepage}. Names are case insensitive.

Example 1: the whole line can be: URL:${wwwhomepage}.This will place wwwhomepage read from AD to URL item in user's versit. If no wwwhomepage exists in AD, previous example results in: URL. This can be prevented by adding an exclamation mark after opening curly bracket: URL:${!wwwhomepage}. This will expand to nothing, in the case no wwwhomepage (for this user) exists in AD and it will behave like before when it is there.

More variables can be used on one line mixed with strings. In this case exclamation marks apply to whole line.

Example 2: N:${!sn};${givenName} will expand to:

• N:sn;givenname, when there are both sn and givenname in AD
• N:sn;, when there is no givenname in AD
• Nothing, when there is no sn in AD, regardless of givenname existence

• When the item is in LDAP form, like: manager: CN=John Doe,CN=Users,DC=icewarp,DC=com and you need just cn to be used, you can extract LDAP attribute from the value using this syntax: X-MS-MANAGER:${manager[cn]}

Of course you can use any LDAP attribute in solid brackets.

Sometimes there is a situation, when more LDAP items apply to one GW item. You can specify alternatives by separating them by comma within the VARIABLE_NAME part.

Example 3: FN:${displayName,fn} will expand to:

• FN:displayName, when there is only displayName in AD
• FN:fn, when there is only fn in AD
• Two lines: FN:displayName and FN:fn, when both displayName and fn exist (see the next paragraph to know, what to do with that).
• FN:, when there is neither displayName nor fn in AD. You can use exclamation mark to skip this line in this case: FN:${!displayName,fn}

Sometimes you do not want to expand each alternative in the list, you just want to expand one. For this behaviour, you should use "|" symbol to separate items in the list. The first item has the highest priority in this case.

Example 4: FN:${!displayName|fn} will expand to:

• FN:displayName, when there is only displayName in AD
• FN:fn, when there is only fn in AD
• FN:displayName, when there are both diasplayName and fn in AD
• Nothing (will be skipped), when there is neither displayName nor fn in AD (because of the exclamation mark)

Example 5: ADR;TYPE=WORK:;;${streetAddress,street};${location,l} will expand to four lines, when there are all four properties in AD. If you want to have the $ literal in some item, you have to write it twice in the map, i.e. MONEY:100$$.

See the default {VACRDMAP} content in the syncad.dat file for more examples.