[Tickets #6883] Re: group permission with LDAP does not work
bugs at horde.org
bugs at horde.org
Thu Jun 12 05:40:09 UTC 2008
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: http://bugs.horde.org/ticket/6883
-----------------------------------------------------------------------
Ticket | 6883
Updated By | Klaus.Steinberger at Physik.Uni-Muenchen.DE
Summary | group permission with LDAP does not work
Queue | Horde Groupware
Version | 1.1
Type | Bug
State | Assigned
Priority | 2. Medium
Milestone |
Patch |
Owners | Horde Developers
-----------------------------------------------------------------------
Klaus.Steinberger at Physik.Uni-Muenchen.DE (2008-06-12 01:40) wrote:
> Yup, that'd be a problem. I wonder if we can do a mapping table
> somewhere, to avoid making the group_id field a string?
Yep, some ideas:
a) Maybe we could use the horde_groups table normally used by the sql
driver for the mapping. There have to be some mechanism for synchronisation
ith the directory.
b) The second idea is no general solution. Will only work with LDAP
entries with objectclass posixGroup:
The gidNumber attribute could be used as "group_id", but this will
definitly fail with non Posix Groups (e.g. it will fail with Active
Directory).
So I thing a mapping table would be the more general solution, but
synchronisation with the Directory Service is probably the largest
challenge in this approach.
Sincerly,
Klaus
More information about the bugs
mailing list