Add LDAP AccountThis is the third blog entry I do about LDAP on the iPhone. Back in August 2008 I first wrote No LDAP client for iPhone :-( and then a bit later iPhone and LDAP. One of the new, not hyped, news in iPhone 3.0 is a built-in LDAP client. Previously, a third-party app such as Directory or LDAPeople was required.

Configuring LDAP is real easy:

  1. Go to Settings > Mail, Contacts, Calendars
  2. Tap “Add Account…”, then “Other”
  3. Under Contacts, “Add LDAP Account”
  4. Enter account information:
    • Server: ldap.company.com
    • User Name: Not all organizations require their users to use username and password to get access to their LDAP service
    • Password:
    • Description: For instance your organization/company’s name
  5. Tap “Next”

The iPhone tries to use SSL by default. If your server doesn’t support this, it will time out and try to connect without. But Apple’s LDAP implementation doesn’t let users configure the port number, so if your organization doesn’t use standard ports for their LDAP service, then a third-party application still might be your only option.

IMG_0050The implementation of LDAP on the iPhones have a few other limitations:

  1. It doesn’t appear to support Kerberos authentication
  2. You can’t browse the directory (it’s search-only) so you have to know who you’re looking for ahead of time
  3. LDAP information is limited to phone numbers, a single work addresses, and a single email address
  4. The LDAP implementation only works from within the Contacts, and not from the To:, Cc: and Bcc: fields in Mail

Corporate users would perhaps request to be able access their Microsoft Active Directory to get the same information. Note that if you are using Exchange ActiveSync for your corporate email, the iPhone will be able to search the Global Address List (GAL) without setting up LDAP. With iPhone 3.0 you should be able to search the GAL through ActiveSync.