I agree that it should be more thought out and someone should implement an address book feature in a comprehensive manner. However, for those needing a quick and ugly way to implement a simple global address book you can do as below.
Before doing this, I HIGHLY recommend that you run a configuration backup first.
New Organizational UnitCreate a new organizational unit and call it whatever you want. (For this example, it will be abook). If you don't know how to do this, you can install phpldapadmin or another ldapbrowser and add a new ou through there. Login as cn=admin,dc=ebox your password is shown in plain text in slapd.conf or ldap.secret.
Setup the ACLssh into your ebox server. Use your favorite editor to edit slapd.conf. Scroll down and add the lines
access to dn.subtree="ou=abook,dc=ebox"
by users write
by anonymous none
between the lines:
access to dn.base="" by * read
and
access to *
by dn="cn=admin,dc=ebox" write
by * read
This allows all your users to have write access to the whole of the global address book "abook". If you only want them to have read access, change "write" to "read" in the line you add. You could also allow different groups to have different levels of access.
Restart slapdRestart slapd. On an Ubuntu or Debian box, type:
sudo /etc/init.d/slapd restart
That's it! Your users should be able to bind to the address book using uid=<userid>,ou=Users,dc=ebox with the address book dn as ou=abook,dc=ebox.
P.S. If someone wants to improve on this, please do so! I know very little about ldap, I only know enough to have gotten this working for my small organization.