3

We store user email addresses, phones, physical addresses and other info in our corporate Windows Active Directory. Active Directory users need to access this information from all kinds of e-mail clients, such as Mozilla Thunderbird, Outlook, iOS Contacts, MacOS X, Android addressbook, etc., both from the corporate network and outside of it, from the Internet. We do not use Microsoft Exchange server.

I have found that this could be done via LDAP and CardDAV (through in-house app installed).

Which one is the better approach for accessing contacts in all kinds of email and mobile clients: LDAP or CardDAV?

IT Hit WebDAV

1 Answer

1

Think about it this way - Active Directory is Microsoft's own implementation of LDAP, in addition to being their version of a database-driven directory server. I wouldn't use anything else.

Also, Active Directory primarily supports LDAP based user authorization, so if you're going to be serving applications or individual requests outside of your local network and domain (especially from the various sources you named), this is a feature you'll need to consider for security purposes.

I'm not quite sure what your tech stack looks like, but many languages support LDAP based querying and authorization. I've cut my teeth in C# working with the System.DirectoryServices.Protocols namespace, and I've come to appreciate the adaptability and performance.

And here is a great link on the Protocols and Interfaces to Active Directory.

X3074861X
  • Do iOS Contacts, Android Contacts, and most email applications support contacts access via LDAP? – IT Hit WebDAV Nov 07 '13 at 03:41
  • One issue that I see with LDAP is that I will need to open port 389, which is probably closed by default. While CardDAV will run over default HTTPS port 443. Or am I wrong? – IT Hit WebDAV Nov 07 '13 at 03:52
  • I may have misunderstood your question, but yes, both iOS Contacts and Android Contacts have implementations for LDAP, and you can create LDAP accounts on their respective devices as well - in doing so you don't need to worry about the port, you just need valid domain credentials. – X3074861X Nov 07 '13 at 15:30
  • Thank you for the explanation, X3074861X. But anyway, I did not catch why I do not need to worry about the port. I still think that port 389 is an issue in my case. It is simply closed for access from the Internet, and this is the common practice as far as I understand. – IT Hit WebDAV Nov 07 '13 at 22:50
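
For the CardDAV option raised in the question, the in-house application has to turn each directory entry into a vCard before serving it over HTTPS. The sketch below is an added example, not code from this thread or from any product: the attribute allow-list, the vCard 3.0 property mapping and the sample entry are assumptions made for illustration. It exports only contact fields, so other directory attributes never reach an Internet-facing client.

```python
# Allow-list: only these AD attributes leave the directory (assumed mapping).
SIMPLE = {"mail": "EMAIL;TYPE=INTERNET",
          "telephoneNumber": "TEL;TYPE=WORK",
          "mobile": "TEL;TYPE=CELL"}
ADDRESS = ("streetAddress", "l", "st", "postalCode", "co")


def esc(value):
    """Escape a vCard 3.0 text value: backslash, ';', ',' and newlines."""
    value = value.replace("\\", "\\\\").replace(";", "\\;").replace(",", "\\,")
    return value.replace("\r\n", "\\n").replace("\n", "\\n")


def first(entry, attr):
    """LDAP attributes are multi-valued; return the first value or ''."""
    return (entry.get(attr) or [""])[0]


def entry_to_vcard(entry):
    """Build a vCard from an LDAP-style entry (dict: attribute -> list of str)."""
    fn = first(entry, "displayName") or first(entry, "cn")
    lines = ["BEGIN:VCARD", "VERSION:3.0", "FN:" + esc(fn),
             # N = family;given;additional;prefix;suffix
             "N:%s;%s;;;" % (esc(first(entry, "sn")), esc(first(entry, "givenName")))]
    for attr, prop in SIMPLE.items():
        for value in entry.get(attr, []):
            lines.append("%s:%s" % (prop, esc(value)))
    if any(first(entry, a) for a in ADDRESS):
        # ADR = PO box;extended;street;locality;region;postal code;country
        parts = ["", ""] + [esc(first(entry, a)) for a in ADDRESS]
        lines.append("ADR;TYPE=WORK:" + ";".join(parts))
    lines.append("END:VCARD")
    return "\r\n".join(lines) + "\r\n"


# Constructed sample entry; memberOf and pwdLastSet must not reach the client.
SAMPLE = {
    "sn": ["Smith"], "givenName": ["Jane"], "displayName": ["Smith, Jane"],
    "mail": ["jane.smith@example.com"],
    "telephoneNumber": ["+1 555 0100"],
    "streetAddress": ["1 Main St\r\nSuite 5; Bldg B"],
    "l": ["Springfield"], "postalCode": ["00000"],
    "memberOf": ["CN=Domain Admins,CN=Users,DC=example,DC=com"],
    "pwdLastSet": ["133000000000000000"],
}

if __name__ == "__main__":
    print(entry_to_vcard(SAMPLE))
```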