Ever since I started looking at Android a little over a year ago, I’ve had a simple LDAP client in one form or another. Since the UnboundID LDAP SDK for Java works on Android, it wasn’t too difficult to put a simple GUI on top of it that allows you to perform LDAP searches. However, until recently it wasn’t in a state that I felt was suitable for publishing. Prompted by the Android Developer Labs (which I attended earlier tonight), I finally got around to making it presentable, and as of a few minutes ago, the app is now available for free in the Android Market. It’s far from a masterpiece, but it can be pretty useful if you want to access LDAP content. Some of the features it has include:
- It has support for multiple servers. Each server definition includes an address, port, security mechanism (none, SSL, or StartTLS), optional bind DN and password, and optional base DN.
- You can customize the type of search to perform. It has a drop-down that allows you to select the type of search (last name, first name, full name, e-mail address, or user ID), or if you want you can enter your own LDAP search filter.
- If multiple entries are returned, you can see a brief summary of each. Tapping on one of them will take you to a more complete view of the entry. Long-tapping will pop up a menu with options for the entry (view a formatted representation, view an LDIF representation, copy the DN to the clipboard, or copy the LDIF representation to the clipboard).
- When viewing a single entry, clicking on the header for that entry will allow you to view the entry as LDIF, copy the DN to the clipboard, or copy the LDIF representation to the clipboard.
- Clicking on a telephone number in an entry will allow you to dial or send an SMS message to that number, or copy the number to the clipboard.
- Clicking on an e-mail address in an entry will allow you to send an e-mail to that address, or copy the address to the clipboard.
- Clicking on a postal address or ZIP code in an entry will allow you to show a map of that location, navigate to that location, or copy the address to the clipboard.
- Clicking on any other attribute in an entry will allow you to copy the value of that attribute to the clipboard.
- A button at the bottom of the panel for a user entry will allow you to add information about that user to your local contacts.
If you have an Android device, then you can find this application in the market just by searching for “LDAP” (it’s currently the only match). The full name is “LDAP Client” and the author is “Neil Wilson”. I hope to improve it further in the future, but I at least wanted to get this reasonably-functional version out there for people that have a use for it.
dc=nawilson,dc=com 
Thanks for this little gem. It works great for searching our ldap directory, sending email, or calling. It definitely make life *MUCH* easier.TY-DCP
LikeLike
We will make use of UnboundID LDAP SDK (really great work!) in an app for android, so we would like to know if you will release the source code of your app.Just to speed up the development, because the API is extremelly simple.Regards,Omar
LikeLike
The source code for the Android LDAP client is included with the UnboundID LDAP SDK for Java. It’s in the android-ldap-client directory of the zip file containing the SDK.
LikeLike
I just tried to install this so I could access my company’s ldap contact directory and I keep getting an error related to SSL. Are there any known issues with SSL?
LikeLike
I did recently find a bug related to SSL-based communication in which case there may be a race condition that could cause the communication to fail if any part of the negotiation took longer than 50 milliseconds. That bug has been fixed in the repository and the fix will be included in the next release of the LDAP SDK and in the Android client. Hopefully both of those releases will be in the near future.
LikeLike
It works!Just tried the LDAP Client on Android 2.1. However, I’m facing the following problems:- once a server is added it can’t be edited or deleted (this is a big problem because inserting the BINDB, BASEDB, etc is very error prone!); or I couldn’t see how to do it…- we have to put * around the search string (ex: *Wilson*) for the search to work- there’s no option to import a search result to the local addressbook- although advertised I can’t find a way to dial a number, or send an email from the search result: it only gives me an option of copying to the clipboard
LikeLike
I need to clarify my previous comment:It works well if contacts are under the BASEDN, ex dc=domain, dc=com.But in my case contacts are under sub OU like:cn=XXXXX,ou=COMPANY,ou=CATEGORY,ou=Address Book, dc=DOMAIN,dc=COMwhere CATEGORY is something like: SUPPLIERS, CUSTOMERS, PARTNERS, etc.The contacts under this structure can’t be added nor their phones and emails are recognized on the result.
LikeLike
You can remove or edit a server once it has been created. To do so, go to the first screen that lists the servers and includes the new server button at the bottom. Then, press and hold on the server that you want to edit or remove, and a menu should appear with the options "Search this server", "Edit settings for this server", and "Remove this server".As far as putting asterisks around the search string, that depends more on the data in the server than the client itself. The LDAP client creates a filter using the pattern "(attr=value)", where attr is the name of the LDAP attribute associated with the given search type and value is the text you entered into the Search Text field. For example, if you choose a search type of Last Name and enter "Wilson", then it will create an LDAP filter of "(sn=Wilson)". Whether that matches anything depends more on the data in the directory than the client accessing it. I intentionally do not surround the value with wildcards because substring searches can be much more expensive to process than equality searches, and may also return a lot more results. If you want to use wildcards then you’re free to do so but it will not add them automatically.If your search matches multiple entries, then you will see a list of basic information about those entries, and touching any one of those records will take you to a more detailed view of that record. If the search matches only a single entry, then you will be taken directly to it. At the bottom of that entry there will be an option to add that user to the local contacts, and tapping any of the attributes in the entry will bring up a menu of options that you can perform with that attribute. Tapping a telephone number should bring up a menu with options including "Dial this number", "Send a text message" or "Copy number to clipboard".Note that if you don’t see the "Add to Contacts" button at the bottom of the entry, and if you only see a "Copy value to clipboard" option, then the most likely explanation is that the client doesn’t recognize the entry as representing a person. It currently only provides this special treatment for entries containing the person object class. If the entries that you have don’t have the person object class, then they will be treated as generic entries and there will only be a very limited set of options available.The hierarchical structure of the directory should not have any impact on the behavior of the LDAP client. As long as the entries exist at some point at or below the base DN to any depth, then it should work the same. If you see different behavior for some entries than others, then it’s likely that some of those entries have the person object class and others don’t.In the future if I ever get around to updating the application, then I do intend to add a lot of other options so that you can customize the behavior of various attributes and types of entries. Unfortunately, I never seem to find the time to get back to working on it.
LikeLike
Hi again,Thanks for the useful comment:- server removal / editing: silly me or perhaps android newbiness; I wonder if others felt the same- * on the query: fair enough- objectClass=person: you’re right again (seems that we’re using mozillaAbPersonObsolete)I’ll write a blog post to summarize all this as soon as things are sorted out.
LikeLike
Hello Neil.After some investigation seems that not all Address Books use person. Ours uses mozillaAbPersonObsolete in order to be compatible simultaneously with Kmail, Thunderbird and OpenOffice (for mail merge). And seems that this can’t be changed once the Address Book is written.Could LDAP client when not finding the Person objectclass still try to match attributes like:mailworkurltelephoneNumberhomePhonemobilehave phones and emails recognizaed and display the contact entry according to the givenName value instead of the whole LDAP address?
LikeLike
A future version will allow you to customize how attributes are treated.
LikeLike
Thanks for this great app! You rock! Works like a charm on my HTC Desire. I do have a couple of feature requests though, hopefully not too complicated to implement.1. Clicking 200+ records to import each of them into the contacts list is awkward. An option to import the entire search result in one run would be lovely. I’m guessing that wouldn’t take much more coding than an extra UI-button and a for loop.2. Re-entering a search filter each time you connect is cumbersome. Could this setting be moved to server settings, where it is saved? That would especially be great in combination with an option to add a new server based on an existing one and not have to reenter the dn’s. Another approach would be to add the possibility to save search filters separately from the server settings, preferably in combination with the base dn and scope of the search.3. Some LDAP servers, at least the one I’m running, do not require that each parent objectClasses be specified in the record since they can be derived from the schema. Of course any server admin can define his own inheritance tree for objectClasses in their config files. I’m not sure about mozillaAbPersonObsolete, but I do believe that organizationalPerson and inetOrgPerson are pretty standard all over the LDAP world. Your LDAP client does however not recognize those records as descendants of person. Would be great if you could add them. For me this is not crucial as I run my own LDAP server, and Evolution, my e-mail client, adds the person objectClass when I create new contacts. Many other users have to make do with what their LDAP admin happens to provide though.4. An option to add contacts from the phone to the LDAP-server would be great too. That would be a first step to two-way syncing. Two-way sync would imho involve storing the contact’s dn in a comment field in android’s contacts so the app can later tell where it came from and see if there are any changes.Hope you’ll pick up on these suggestion. Did I already mention that your app is great and that you rock? Keep up the good work.Oscar
LikeLike
HIYour app sounds wonderful, but I can’t see it in Market from my SE X10 mini pro. My guess it’s a display resolution issue? Any chance of making it available for different resolutions?Regards/MrMan
LikeLike
I don’t believe that it’s a resolution issue. There is nothing in the application which is in any way dependent upon the resolution of the device.What version of the Android OS is your device running? The application is designed to require Android 1.5 or later, although according to the dashboard at http://developer.android.com/resources/dashboard/platform-versions.html that should cover about 99.7% of all devices in use.If you can’t see it in the market for some reason, you could try building it yourself and installing it on your device manually. If you download the UnboundID LDAP SDK for Java (available at http://www.unboundid.com/products/ldapsdk/), then that will include source code and build instructions for the LDAP client.
LikeLike
I believe the SE X10 mini pro has Android 1.6 so I don't think that's the problem. I still cant download it from market. Wifey has the HTC Hero and there is no problem there.Regards/MrMan
LikeLike
Now it's suddenly working to download from market to the SE X10 Mini Pro. Great!/MrMan
LikeLike
Hi,I cannot connect to my server ( Lotus domino), other clients, ex. Thunderbird, evolution, kontact, work fine.I have to do athentification, so I fill in Bind DN with my username and give my password. The server is not doing any encryption.When I test the connection, I get "The bind DN appears to be invalid: The provided string could not be decoded as a DN because no equal sign was foun after the RDN attribute 'username'. "
LikeLike
Nice little app. Are there registered intents so that i can use it embedded in other apps.ThanksDick
LikeLike
Thanks for this great app! I works just fine for me, until I click on the "Add to contacts" button. If I do this, I always get an error message, that the app is not responding. I would really like to use this feature, so is there anyway I can help you to debug this issue?I use Froyo 2.2 on my Samsung Galaxy S.Cheers,Dennis
LikeLike