[horde] using ldap-authentication with an active directory server

Michael Gröne michael.groene at zew.uni-hannover.de
Wed Jun 10 14:59:42 UTC 2009


Hello!

We are trying to setup Horde Groupware Webmail Edition 1.2.3.
To authenticate Logins we use the LDAP-protocol working together with an 
Active-Directory Server.

At the moment ldap-logins work fine, but we are experiencing trouble 
with group-permissions in kronolith.
It seems to be simlar to a post some time ago here in the mailing-list:
http://lists.horde.org/archives/horde/Week-of-Mon-20080114/034478.html

Here some (relevant) config-details:
$conf['auth']['params']['ad'] = true;
$conf['auth']['params']['uid'] = 'sAMAccountName';
$conf['auth']['params']['newuser_objectclass'] = array('shadowAccount', 
'inetOrgPerson');
$conf['auth']['params']['objectclass'] = array('user');
$conf['auth']['params']['filter_type'] = 'objectclass';

$conf['group']['params']['basedn'] = 
'ou=ZEW_Sicherheitsgruppen,dc=zew,dc=local';
$conf['group']['params']['version'] = '3';
$conf['group']['params']['tls'] = false;
$conf['group']['params']['gid'] = 'cn';
$conf['group']['params']['memberuid'] = 'member';
$conf['group']['params']['attrisdn'] = true;
$conf['group']['params']['newgroup_objectclass'] = array('top', 'group');
$conf['group']['params']['objectclass'] = array('group');
$conf['group']['params']['filter_type'] = 'objectclass';

Even I'm wondering, why no groups will be displayed in the 
Permissions-Dialogue 
(http://www.xyz.de/horde/kronolith/perms.php?share=xzy), if the checkbox 
for $conf[share][any_group] is not checked.
So it seems, Horde can't get the group-memberships of the users correctly.

Has anybody a hint, how to solve this problem?


Greets, Michael


More information about the horde mailing list