[horde] Users

Eric Jon Rostetter eric.rostetter at physics.utexas.edu
Mon Sep 15 21:25:45 UTC 2008


Quoting horde at corwyn.net:

>> Probably best.  Unless your Horde install is on your IMAP server, this
>> probably wouldn't work (as the passwd/shadow files on your Horde server
>> wouldn't be the same as those on your IMAP server, if they are different
>> machines).
>
> horde is on my imap server. I understand that  would be a problem  
> were that not the case.

Assuming your system is using PAM, then set horde auth to use pam,
and set IMP to use hordeauth, and configure horde's pam auth, and
you should be back where you started, since pam auth doesn't
allow management (not even list).

Or configure horde to use password file auth, and IMP to use hordeauth,
and configure horde's password file auth properly, and it may not work
cause I'm not sure if horde's password routines support a separate shadow
file.  But in any case, the password driver doesn't support managment
past listing the users, so you haven't gained much if anything, so why
do it?

Or, try using the login driver, which might be useful with shadow files,
but still doesn't support management, so there's no point...

Or switch to another IMAP server that supports management commands, and
configure IMP so it knows you support managment commands, and then use that.
But I wouldn't recommend that per se, since dovecot rocks....

Or, and this is the real point, if you must use IMAP authentication, and
want Horde to do management, migrate your users from passwd/shadow files
to something that actually supports management (e.g., sql, ldap, etc)
and configure Horde, IMP, and dovecot all to use that authentication
method.  And voila, you're done. :)

> I know I'm using IMAP auth. And I know I can't manage imap auth via horde.

Actually, if your IMAP server supports user management by IMAP commands,
than you can.  But since you said you use dovecot, and I'm fairly sure
dovecot doesn't support this (surely not dovecot 0.99, almost surely
dovecot 1.0, not as sure about 1.1/1.2), then you can do it.  Some IMAP
servers do support it however.

And if your IMAP server authenticates of sql or ldap or any managable
backend (which dovecot supports), then you can.  But you need to tell
Horde to use the actual backend, not IMAP, in that case.

> However, horde appears to have options to use the local auth  
> (/etc/passwd  , /etc/shadow). I can't get them to work.

And why not?  I've not seen a description of any problem, or a detailed
setup description, just a "doesn't work" summary.  What doesn't work,
what errors do you get, how did you configure it, etc.

If by "not work" you mean "can't get management to work" then the
answer is simple: they don't support management.

If by "not work" you mean something else, then either be more specific
what you want to work and how you want it to work, or provide some idea
of what kind of error you are getting.

> I'd like assistance in getting them to work, precisely so I can  
> manage users via horde.

You can't manage users with file based systems.  So if you want to manage
them via Horde, you need to (i.e., must) migrate the users to another
backend.

> One reason is that the documentation for managing users via mySQL is  
> ALSO not very good/available. (a beginning to end instruction set).

That is because there are hundreds of ways to do this.  You should
first consult your IMAP server docs for what it supports, and follow
those instructions.  Then configure Horde/IMP as needed based on the
IMAP configuration needed.

> Another reason is just that it seems like it should be simple to set  
> up this way.

What way is that?  Password files, yes.  Shadow files, not too hard, but
more difficult.  PAM, yes.  Any of those with user management, no supported.
SQL, depends on your IMAP server...  kerberos, depends on your IMAP server.
Ldap, depends on your IMAP server...  Well,  you should get the idea by now.

> Rick

-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin

This message is provided "AS IS" without warranty of any kind,
either expressed or implied.  Use this message at your own risk.


More information about the horde mailing list