[horde] LDAP login objectClass filter
Dave Liefbroer
dave at openlab.nl
Mon May 22 05:30:54 PDT 2006
For now I moved to IMAP authentication (IMAP auths with LDAP), so it's
OK for now.
I tested the LDAP query, but I don't see it using the objectClass filter.
Thanks,
Dave
Quoting eculp at encontacto.net:
> Quoting Dave Liefbroer <dave at openlab.nl>:
>
>> That's what I already had. It doesn't use it when doing a login,
>> only when listing users.
>
> Hmmmm, could be because I've got a "different" ldap structure that on
> horde only I don't really depend on the object class but for all other
> apps, I do. Now I'm going to have to figure out why it wouldn't work
> especially because it seems to be used as a filter on horde login.
>
> May 22 07:01:16 home slapd[1045]: conn=3231 op=3 SRCH
> base="o=worldinternet.org" scope=2 deref=0
> filter="(&(objectClass=CourierMailAccount)(mail=eculp at worldinternet.org))"
>
> I'll dig a little deeper when I have a bit of free time.
>
> ed
>>
>> Thanks for the help though
>>
>> Regards,
>>
>> Dave
>>
>>
>> Quoting eculp at encontacto.net:
>>
>>> Quoting Dave Liefbroer <dave at openlab.nl>:
>>>
>>>> Hi,
>>>>
>>>> I use LDAP authentication for Horde and have an LDAP adressbook.
>>>> LDAP authentication checks the mail field in LDAP records.
>>>>
>>>> If I have an adressbook entry for someone who's a user on my
>>>> webmail, he can't login because Horde auth finds the adressbook
>>>> entry instead of the user entry.
>>>
>>> Assuming that you have a unique opjectClass for your users you just
>>> need to define it in conf.php through the admin -> setup ->
>>> Authentication tab where it asks for:
>>> The objectclass filter used to search for users.
>>> Can be a single objectclass or a list.
>>> and add the objectClass or objectClasses. I have
>>> CourierMailAccount
>>> for example.
>>> and in your conf.php you will then see something like:
>>> $conf['auth']['params']['objectclass'] = array('CourierMailAccount');
>>>
>>> Hope this helps,
>>>
>>> ed
>>>>
>>>> Is is possible to have an objectClass on the login search for
>>>> Horde LDAP auth? I already have an objectclass set in the
>>>> config, but that's only used to search for users when inside
>>>> Horde, but isn't used for login.
>>>>
>>>> Regards,
>>>>
>>>> Dave
>>>>
>>>>
>>>> --
>>>> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
>>>> Frequently Asked Questions: http://horde.org/faq/
>>>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>>>
>>>
>>>
>>>
>>> --
>>> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
>>> Frequently Asked Questions: http://horde.org/faq/
>>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>
>>
>> --
>> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
>> Frequently Asked Questions: http://horde.org/faq/
>> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
>>
>
>
>
> --
> Horde mailing list - Join the hunt: http://horde.org/bounties/#horde
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: horde-unsubscribe at lists.horde.org
More information about the horde
mailing list