[horde] Re: ldap and imap
LALOT Dominique
lalot at univ-aix.fr
Wed Mar 2 02:33:54 PST 2005
>
>
>>/ Hello,
>/>/
>/>/ I dont know how to manage correctly our configuration
>/>/ Our central data is LDAP
>/>/ From LDAP we create mboxes on a cyrus imap server
>/>/
>/>/ So we don't want to create mboxes via imap, we don't want to list
>/>/ mboxes, but to list users (ldapway).
>/>/ So howto authenticate once, say: cyrus is the imap server, but use ldap
>/>/ to authenticate / list users.
>/>/
>/>/ users are users not mboxes.
>/>/
>/>/ So I tried to auth via horde setting hordeauth=true in IMP servers.php
>/>/ Then fill ldap auth in horde.
>/>/
>/>/ It works OK, but then I can't see users (ldapsearch uid=*), nor share
>/>/ kronolith agenda..
>/>/
>/>/ Is there something I missed?.
>/
>Nothing obvious, it should work the way you set it up. I would start
>trying to find out why the ldap search for the user listings doesn't
>work.
>
>
>
I've discovered what was the problem:
When you speak about objectclass and arrays of (in horde auth), for me
it means, I accept all this objectclass which should be a filter with an
OR , not an AND.
Then correcting the problem listusers worked.
But, it's slow. As I'm specialized on ldap servers, I've had a look to
the logs of my server. There is no attr defined, so for each entries,
you're getting all the entry, consuming time and CPU
On line 356 of ./lib/Horde/Auth/ldap.php, I changed for:
$search = ldap_search($ldap, $this->_params['basedn'],
$filter,array('uid'));
And listusers (3500 users) is very fast
But It would have been great to display cn instead of uid, or a mix..
I put no bind password, and the interface is active for deleting users,
is it normal?.
Another idea, as we have a flat userspace, we don't need to search for
uid. Sometimes, we can tell that dn is an expression
dn= uid=%login,ou=people,dc=xx,dc=xx which saves time also.
Thanks for all
(Horde is great..)
Dom
--
Dominique LALOT
Ingénieur Système Réseau CISCAM Pole Réseau
Université de la Méditerranée http://annuaire.univ-mrs.fr/showuser.php?uid=lalot
More information about the horde
mailing list