[horde] LDAP configuration checklist?

김 덕곤 dgkim at dgkim.net
Wed Jul 9 03:06:08 UTC 2014 

2014. 7. 9. 오전 10:26, 김 덕곤 쓴 글:
> 2014. 7. 9. 오전 9:52, 김 덕곤 쓴 글:
>> 2014. 7. 8. 오후 4:56, 김 덕곤 쓴 글:
>>> I have 2 installations of horde.
>>>
>>> Both uses LDAP as authentication backend and addressbook.
>>>
>>> One have a problem with 'Administration -> Users'
>>> doesn't show user list.
>>> only one id(mine, administrator) is shown.
>>> The other one is working correctly.
>>>
>>> I checked conf.php, there seems no difference but domain name.
>>>
>>> LDAP structure is as follows.
>>>
>>> user : uid=loginname,ou=Users,dc=blabla,dc=blabla
>>> group : cn=groupname,ou=Groups,dc=blabla,dc=blabla
>>> addressbook : 
>>> cn=contactsome,cn=sharedbook,ou=Addressbook,d=blabla,dc=blabla
>>>
>>> user
>>> objectClass: inerOrgPerson + ...
>>> uid: loginname
>>> userPassword: ...
>>>
>>> group
>>> objectClass: groupOfUniqueNames
>>> uniqueMember: uid=loginname,ou=Users,dc=blabla,dc=blabla
>>>
>>> addressbook
>>> objectClass: inerOrgPerson + ...
>>> cn: contactsome
>>> ...
>>>
>>>
>>> 'Users' thing is confusing. (configuration of LDAP? Authentication?)
>>> but 'Groups' thing is rather clear.
>>>
>>> And option $conf[ldap][bindas]
>>> I want explanations for several scenarios.
>>> (User list is prohibited or not. Address book can be read by 
>>> authenticated user. etc...)
>>>
>> Furthermore.
>> After I upgraded horde to latest modules(released today or yesterday),
>> I can't access to imp's preferences page.
>>
>> Following is the error.
>>
>> /** * Constructor. * * @param string $id Object identifier. */ Method 
>> [ <user, ctor> public method __construct ] { @@ 
>> /var/www/horde/imp/lib/Imap.php 110 - 113 - Parameters [1] { 
>> Parameter #0 [ <required> $id ] } } has unfulfilled dependencies 
>> (Parameter #0 [ <required> $id ])
>>
>>  1. Horde_Core_Prefs_Ui->__construct() 
>> /var/www/horde/services/prefs.php:26
>>  2. Horde_Core_Prefs_Ui->_getPrefGroups() 
>> /usr/share/php/Horde/Core/Prefs/Ui.php:109
>>  3. Horde_Core_Prefs_Ui->groupIsEditable() 
>> /usr/share/php/Horde/Core/Prefs/Ui.php:799
>>  4. Horde_Core_Prefs_Ui->getChangeablePrefs() 
>> /usr/share/php/Horde/Core/Prefs/Ui.php:126
>>
>> seems 'users' and 'groups' are related.
>>
>>
> Figured out the error.
>
> I have copied imp/config/prefs.php(whole contents) to prefs.local.php
> to rename folder 'Spam' to 'Junk'.
>
> I compared with two files, there was so much differences.
>
> I put following few lines on prefs.local.php, it solved problem.
>
> $_prefs['spam_folder'] = array(
>     // NOTE: Localization of this name for display purposes is done
>     // automatically. To change the default value based on the 
> backend, see
>     // the 'special_mboxes' option in config/backends.php.
>     'value' => 'Junk'
> );
>
> And I will review all the *.local.php files of mine.
'Users' is working now.

LDAP Filter expression didn't work.

(&(objectClass=inerOrgPerson)(userPassword=*))

I fixed with only objectClass expression.

(objectClass=inetOrgPerson)

I prevented to read 'userPassword' attribute on LDAP server.
(but one can read or change value of his own 'userPassword')

.

if it's possible, since configuration elements are spread widely(i think).
Some sort of reorganizing might be helpful.

LDAP as it is (but for now ' $conf[ldap][user][basedn]' why needed here?)
Authentication + Users + Groups need to be reorganized.
(just in my opinion)

.
sorry for the noise.

More information about the horde mailing list