[horde] using ldap-authentication with an active directory server
Michael Gröne
michael.groene at zew.uni-hannover.de
Wed Jun 10 14:59:42 UTC 2009
Hello!
We are trying to setup Horde Groupware Webmail Edition 1.2.3.
To authenticate Logins we use the LDAP-protocol working together with an
Active-Directory Server.
At the moment ldap-logins work fine, but we are experiencing trouble
with group-permissions in kronolith.
It seems to be simlar to a post some time ago here in the mailing-list:
http://lists.horde.org/archives/horde/Week-of-Mon-20080114/034478.html
Here some (relevant) config-details:
$conf['auth']['params']['ad'] = true;
$conf['auth']['params']['uid'] = 'sAMAccountName';
$conf['auth']['params']['newuser_objectclass'] = array('shadowAccount',
'inetOrgPerson');
$conf['auth']['params']['objectclass'] = array('user');
$conf['auth']['params']['filter_type'] = 'objectclass';
$conf['group']['params']['basedn'] =
'ou=ZEW_Sicherheitsgruppen,dc=zew,dc=local';
$conf['group']['params']['version'] = '3';
$conf['group']['params']['tls'] = false;
$conf['group']['params']['gid'] = 'cn';
$conf['group']['params']['memberuid'] = 'member';
$conf['group']['params']['attrisdn'] = true;
$conf['group']['params']['newgroup_objectclass'] = array('top', 'group');
$conf['group']['params']['objectclass'] = array('group');
$conf['group']['params']['filter_type'] = 'objectclass';
Even I'm wondering, why no groups will be displayed in the
Permissions-Dialogue
(http://www.xyz.de/horde/kronolith/perms.php?share=xzy), if the checkbox
for $conf[share][any_group] is not checked.
So it seems, Horde can't get the group-memberships of the users correctly.
Has anybody a hint, how to solve this problem?
Greets, Michael
More information about the horde
mailing list