[horde] Initial DN to bind with for LDAP preferences

Jethro R Binks jethro.binks at strath.ac.uk
Fri Apr 26 16:22:54 PDT 2002


Hi,

Just looking at the latest release candidates after a while away from
Horde/IMP.

I want my users to login using their mail address, not their DN.  To this
end, their mail address is stored in attribute mailLocalAddress.  The
naming attribute for DNs is uid, as per convention.  Hence, I have
$conf['prefs']['params']['uid'] = 'mailLocalAddress';
in horde/config/horde.php.

In the previous version I was using, which was revision 1.14.2.3 of
horde/lib/Prefs/ldap.php, the procedure was open an anonymous connection
to LDAP server, search for the DN with the uid attribute I specified
(mailLocalAddress), then bind using that full DN and the password that had
been entered.

This behaviour changed in 1.14.2.4, so that afer the anonymous connect, a
bind_dn string is built from the uid attribute data and the basedn, so in
my case I end up with something like:
$bind_dn = "mailLocalAddress=jethro.binks at strath.ac.uk,dc=people,dc=strath,dc=ac,dc=uk"
Since that isn't a valid DN, the bind fails.  I note that the next step is
a search for the full DN, which presumably gets used later on.

Why did this behaviour change in this way?  It's now rather less than
useful in my case, as it doesn't allow me to abstract the login token I
tell users to use (their email address) from internal gumph like their
uid, which just confuses them.

A compromise might be to specify another bind dn to use while searching
for the full DN.

Now it's a bit late here, so maybe I'm missing something a bit
fundamental, but as it stands it no longer works a useful way for me ..

Thanks for comments,

Jethro.

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Jethro R Binks                                   Computing Officer, IT Services
Mailmaster, Listmaster, Webmaster,       University Of Strathclyde, Glasgow, UK
Cachemaster                                           jethro.binks at strath.ac.uk



More information about the horde mailing list