[dev] Horde and LDAP in a different way.
Chuck Hagenbuch
chuck at horde.org
Sun Jan 2 17:32:40 PST 2005
Quoting Ola Lundqvist <opal at debian.org>:
> I'm in the process of making horde, imp and turba capable of
> using users in different basedn.
>
> I have made a patch to allow it to have preferences in any
> user matching a uid=user criteria by letting it search for the
> DN if it can not authenticate to the uid=$user,$basedn.
>
> I have one user at
> uid=test,ou=People,$basedn
> and one user at
> uid=ola,o=opalsys,$basedn
>
> The reason for this is of course that I want different people
> administrating different parts of the LDAP tree.
Okay, sounds good.
> Patch can be found at:
> http://www.opal.dhs.org/involved/patch/horde/
You don't need the DataTree patch, btw; that's been fixed in CVS.
> I want to add possibility to have address book under the
> binddn, and many more things based on the DN that the
> user actually bind to (not just the username).
K.
> I can fix this by searching for the user dn in any place this
> is needed, but then I need to do a LOT of searches.
>
> Istead I want to be able to save the DN that the user is
> authenticated against, just like the $conf...[binddn] but
> based on the authenticated DN and not a statically determined one.
Well, you could have LDAP auth objects store the authenticated dn, and, if
config options are set, query the auth object for it? I don't feel like I have
enough of a grasp on LDAP/what you're trying to do to suggest more.
-chuck
--
"But she goes not abroad in search of monsters to destroy." - John
Quincy Adams
More information about the dev
mailing list