[horde] User management using horde web UI

Jagannath Naidu jagannath.naidu at fosteringlinux.com
Wed Sep 10 09:08:47 UTC 2014


Dear All,

I have been assigned a task to implement a web UI to manage users from the
ldap backend.
And I don't want to use any heavy web applications. I found that horde web
"version 3" is suitable for me.

Till now everything is successful, except the user management part.
I can log in to horde as the admin user, with ldap authentication.
When I click on the users section, the existing users are listed.

When I click on update for any user, it only shows the following
"New Username (optional)	
Password	
Confirm Password	
Full Name	
Email Address"

for creating a new user, it only shows
"* Username	
Password	
type the password twice to confirm"


I have enabled the auth_ldap hook
$conf['hooks']['authldap'] = true;

vim hooks.php
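if (!function_exists('_horde_hook_authldap')) {
    /**
     * Builds the LDAP entry for a user that is being created or updated.
     *
     * @param string     $userID      Login name of the account.
     * @param array|null $credentials Optional form values; this hook reads
     *                                'user_fullname', 'password' (new user)
     *                                and 'user_pass_2' (edited user).
     *
     * @return array Attribute map for the entry, including its 'dn'.
     */
    function _horde_hook_authldap($userID, $credentials = null)
    {
        $entry = array();

        // NOTE(review): $userID is concatenated into the DN unescaped. If it
        // can contain DN metacharacters (',', '+', '=', '\\', ...) escape it
        // first, e.g. ldap_escape($userID, '', LDAP_ESCAPE_DN) on PHP >= 5.6.
        $entry['dn'] = 'uid=' . $userID . ',vd=religare.in,o=virtual,dc=religare,dc=in';

        if (isset($credentials['user_fullname'])) {
            $entry['cn'] = $credentials['user_fullname'];
        } else {
            $entry['cn'] = $userID;
        }
        $entry['sn'] = $userID;
        $entry['objectclass'] = array('top', 'posixAccount', 'shadowAccount', 'inetOrgPerson');
        $entry['uid'] = $userID;
        $entry['homeDirectory'] = '/home/' . $userID;
        $entry['gidNumber'] = 100;

        // Directory lookup performed only when a user is added or edited.
        // The uidNumber assignment and the ldap_modify() call stay disabled,
        // so the search result is currently unused. Each step is checked so a
        // failed connect/bind/search no longer feeds an invalid handle into
        // the next call.
        if (isset($credentials) && function_exists('ldap_connect')) {
            $params = $GLOBALS['conf']['auth']['params'];
            $ds = @ldap_connect($params['hostspec']);
            if ($ds) {
                @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $params['version']);
                if (@ldap_bind($ds, $params['binddn'], $params['password'])) {
                    $searchResults = @ldap_search($ds, 'dc=religare,dc=in', 'mail=jagan at religare.in');
                    if ($searchResults) {
                        $information = @ldap_get_entries($ds, $searchResults);
                        // ldap_modify($ds, 'o=virtual,dc=religare,dc=in' );
                        // $entry['uidNumber'] = $information[0]['uidnumber'][0];
                    }
                }
                @ldap_close($ds);
            }
            // The original returned the undefined $ldap_search here, so every
            // add/update got null back and the password branch below was
            // never reached. Fall through and return $entry instead.
        }

        // New users arrive with 'password', edited users with 'user_pass_2'.
        // NOTE(review): '{MD5}' is an unsalted, fast digest and is weak for
        // password storage; prefer a salted scheme such as the 'ssha' that
        // conf.php's 'encryption' setting names. md5($x, true) yields the same
        // raw digest as mhash(MHASH_MD5, $x) without needing ext/mhash.
        if (isset($credentials['password'])) {
            $entry['userPassword'] = '{MD5}' . base64_encode(md5($credentials['password'], true));
        } elseif (isset($credentials['user_pass_2'])) {
            $entry['userPassword'] = '{MD5}' . base64_encode(md5($credentials['user_pass_2'], true));
        }

        return $entry;
    }
}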


I followed the NewLDAPHowTo and ExistingLDAPHowTo, but both of them
are for posix accounts

slapcat -b "dc=religare,dc=in"
dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
mail: shalab123 at religare.in
sn: shalab123
cn: shalab123
givenName: shalab123
mailbox: religare.in/shalab123/
uid: shalab123.religare.in
vdHome: /home/virtual/ms1
accountActive: TRUE
lastChange: 1297453
objectClass: top
objectClass: VirtualMailAccount
objectClass: MailAccount
objectClass: Vacation
objectClass: VirtualForward
mailAutoreply: shalab123 at religare.in.autoreply
quota: 10000
delete: FALSE
userPassword:: UGFzc3dvcmQ=
vacationActive: FALSE
vacationInfo: Out Of Office
vacationStart: 200906150000
vacationEnd: 200906170000
forwardActive: FALSE
structuralObjectClass: VirtualMailAccount
entryUUID: d7001c80-cb8c-1033-88c2-ed2f4bc8556b
creatorsName: cn=admin,dc=religare,dc=in
createTimestamp: 20140908101545Z
entryCSN: 20140908101545Z#000000#00#000000
modifiersName: cn=admin,dc=religare,dc=in
modifyTimestamp: 20140908101545Z

Above is for only one user

my ldif file
# shalab123 at religare.in, religare.in, virtual, religare.in
dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
mail: shalab123 at religare.in
sn: shalab123
cn: shalab123
givenName: shalab123
mailbox: religare.in/shalab123/
uid: shalab123.religare.in
#mailAlternateAddress: shalab123 at religare.in
vdHome: /home/virtual/ms1
accountActive: TRUE
lastChange: 1297453
objectClass: top
objectClass: VirtualMailAccount
objectClass: MailAccount
objectClass: Vacation
objectClass: VirtualForward
mailAutoreply: shalab123 at religare.in.autoreply
quota: 10000
delete: FALSE
userPassword: Password
vacationActive: FALSE
vacationInfo: Out Of Office
vacationStart: 200906150000
vacationEnd: 200906170000
forwardActive: FALSE



Sorry for all the fuss, but I am totally blind now. I can not  make
this work now. Please help.

My requirement is that, that the users can be managed, updated,
created. "like in phpldapadmin". I know much about php.


After finish, it should work as follows.
1. When I click on update for a user,
    email, quota, forwarding, etc. must be visible and modifiable
2. When I click on users
   I can create a new user with all the fields "quota, vacation, etc"

The how-tos "NewLDAPHowTo and ExistingLDAPHowTo" seem to be the solution,
but I cannot make this work with the virtual user. Please help.


Below is the conf.php

<?php
// Horde base configuration as posted: LDAP authentication against the
// vd=religare.in subtree, file logging, and the authldap/groupldap hooks
// switched on. All values are populated into the global $conf array.
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Horde: horde/config/conf.xml,v 1.74.2.81 2008/11/27 05:29:45 chuck Exp $
$conf['vhosts'] = false;
$conf['debug_level'] = E_ALL & ~E_NOTICE;
$conf['max_exec_time'] = 0;
$conf['compress_pages'] = true;
// NOTE(review): this key is reproduced verbatim in a public list post; treat
// it as disclosed and regenerate it on the live installation.
$conf['secret_key'] = 'fefe0c69ea44bec824a64f459f48a56b0c146ad7';
$conf['umask'] = 077;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['urls']['token_lifetime'] = 30;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
$conf['safe_ips'] = array();
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/horde';
$conf['sql']['phptype'] = false;
$conf['auth']['admins'] = array('jagan at religare.in');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
// Bare address with no ldaps:// scheme. NOTE(review): presumably a plaintext
// LDAP connection that carries the bind password below - confirm, and prefer
// TLS between Horde and the directory.
$conf['auth']['params']['hostspec'] = '192.168.122.250';
$conf['auth']['params']['basedn'] =
'vd=religare.in,o=virtual,dc=religare,dc=in';
// NOTE(review): cn=admin looks like the directory's administrative DN
// (confirm); a dedicated account limited to the basedn subtree would reduce
// what a leak of this file exposes.
$conf['auth']['params']['binddn'] = 'cn=admin,dc=religare,dc=in';
// NOTE(review): bind password posted in clear text and easy to guess; rotate
// it and keep this file readable only by the web server user.
$conf['auth']['params']['password'] = 'redhat';
$conf['auth']['params']['version'] = '3';
$conf['auth']['params']['ad'] = false;
// Users are looked up by their mail attribute rather than uid.
$conf['auth']['params']['uid'] = 'mail';
// Names a salted scheme, whereas the posted _horde_hook_authldap() builds
// '{MD5}' userPassword values itself.
$conf['auth']['params']['encryption'] = 'ssha';
$conf['auth']['params']['newuser_objectclass'] = array('top',
'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
$conf['auth']['params']['objectclass'] = array('top',
'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
$conf['auth']['params']['filter_type'] = 'objectclass';
$conf['auth']['params']['password_expiration'] = 'no';
$conf['auth']['driver'] = 'ldap';
$conf['signup']['allow'] = false;
// Debug-priority logging to a file under /tmp. NOTE(review): /tmp is normally
// a shared directory - confirm who can read or pre-create this path, or move
// the log to a directory owned by the web server user.
$conf['log']['priority'] = PEAR_LOG_DEBUG;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = '/tmp/horde.log';
$conf['log']['params']['append'] = true;
$conf['log']['type'] = 'file';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['driver'] = 'session';
$conf['alarms']['driver'] = false;
$conf['datatree']['driver'] = 'null';
$conf['group']['driver'] = 'datatree';
$conf['group']['cache'] = false;
$conf['perms']['driver'] = 'datatree';
$conf['share']['no_sharing'] = false;
$conf['share']['any_group'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'datatree';
$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['params']['sub'] = 0;
$conf['cache']['driver'] = 'file';
$conf['lock']['driver'] = 'none';
$conf['token']['driver'] = 'none';
$conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
$conf['mailer']['params']['sendmail_args'] = '-oi';
$conf['mailer']['type'] = 'sendmail';
$conf['mailformat']['brokenrfc2231'] = false;
$conf['vfs']['type'] = 'none';
$conf['sessionhandler']['type'] = 'none';
$conf['sessionhandler']['memcache'] = false;
$conf['problems']['email'] = 'webmaster at example.com';
$conf['problems']['maildomain'] = 'example.com';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'all';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = false;
$conf['hooks']['postauthenticate'] = false;
// Turns on the _horde_hook_authldap() function from hooks.php; the groupldap
// hook is enabled as well, although no group hook is shown in the post.
$conf['hooks']['authldap'] = true;
$conf['hooks']['groupldap'] = true;
$conf['portal']['fixed_blocks'] = array();
$conf['accounts']['driver'] = 'null';
$conf['user']['verify_from_addr'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['enabled'] = false;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */


horde.log
Sep 10 14:24:40 HORDE [notice] [horde] Login success for
jagan at religare.in [192.168.122.1] to Horde [pid 2006 on line 138 of
"/var/www/html/horde/login.php"]
Sep 10 14:24:46 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2008 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]
Sep 10 14:24:50 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2006 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]
Sep 10 14:25:44 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2005 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]

Please help
-- 
Thanks & Regards

B Jagannath Naidu

