[horde] group shares and Active Directory
Goncal Badenes
goncal.badenes at icfo.es
Fri Jan 7 10:42:27 UTC 2011
Hi,
we do not manage to get group shares working with our active directory
backend. The groups are listed OK in the Administration->Groups
section, but the system does not manage to find out which groups a
particular user is member of.
In particular, we experience the following behaviour:
- The list of groups that the users see when they try to share any
resource (calendar, task, etc.) is empty unless we set
$conf['share']['any_group'] = true;
- Even if the option above is set to "true", the user cannot access
the shared resource. I assume this is because the system does not
actually realise which groups the logged on user is member of.
I have seen related messages in the mailing list (e.g.
http://lists.horde.org/archives/horde/Week-of-Mon-20090608/037714.html,
http://lists.horde.org/archives/horde/Week-of-Mon-20080114/034478.html, or
http://lists.horde.org/archives/dev/Week-of-Mon-20080114/022588.html),
but so far could not find any solution or workaround for the problem.
Does anyone have suggestions or tips?
Here are the relevant parts of our configuration:
$conf['group']['params']['hostspec'] = 'ldaps://ad1.xxx ldaps://ad2.xxx';
$conf['group']['params']['basedn'] = 'DC=xxx,DC=xxx';
$conf['group']['params']['binddn'] = 'xxx at xxx.xxx';
$conf['group']['params']['password'] = 'xxx';
$conf['group']['params']['version'] = '3';
$conf['group']['params']['tls'] = false;
$conf['group']['params']['gid'] = 'cn';
$conf['group']['params']['memberuid'] = 'member';
$conf['group']['params']['attrisdn'] = true;
$conf['group']['params']['newgroup_objectclass'] = array('top', 'group');
$conf['group']['params']['objectclass'] = array('group');
$conf['group']['params']['filter_type'] = 'objectclass';
$conf['group']['driver'] = 'ldap';
$conf['group']['cache'] = true;
$conf['perms']['driverconfig'] = 'horde';
$conf['perms']['driver'] = 'sql';
$conf['share']['no_sharing'] = false;
$conf['share']['any_group'] = true;
$conf['share']['cache'] = true;
$conf['share']['driver'] = 'sql';
Thanks in advance!
Gonçal Badenes
More information about the horde
mailing list