[Tickets #8293] Re: LDAP Auth driver should have configurable capabilities
noreply at bugs.horde.org
noreply at bugs.horde.org
Wed Jan 14 15:28:11 UTC 2015
DO NOT REPLY TO THIS MESSAGE. THIS EMAIL ADDRESS IS NOT MONITORED.
Ticket URL: https://bugs.horde.org/ticket/8293
------------------------------------------------------------------------------
Ticket | 8293
Updated By | grafnetter at dekanat.mff.cuni.cz
Summary | LDAP Auth driver should have configurable capabilities
Queue | Horde Framework Packages
Version | FRAMEWORK_3
Type | Enhancement
State | Rejected
Priority | 1. Low
Milestone |
Patch |
Owners |
------------------------------------------------------------------------------
grafnetter at dekanat.mff.cuni.cz (2015-01-14 15:28) wrote:
I would also like to see this feature implemented.
In our environment, the LDAP database is read-only for Horde and user
management is done throuhgh other means. If someone tries to perform a
write operation in Horde (add, update, resetpassword, remove), he gets
an error.
Therefore, the ability to disable these capabilities at the LDAP
backend level, so they are not exposed in the UI would be great.
I temporarily edited my local copy of Horde/Auth/Ldap.php:
protected $_capabilities = array(
'add' => false,
'update' => false,
'resetpassword' => false,
'remove' => false,
'list' => true,
'authenticate' => true,
);
Although it works, it is of course not a viable solution. It would be
much better if this could be done through configuration.
More information about the bugs
mailing list