[horde] User management using horde web UI
Jagannath Naidu
jagannath.naidu at fosteringlinux.com
Wed Sep 10 09:08:47 UTC 2014
Dear All,
I have been assigned the task of implementing a web UI to manage users in the
LDAP backend.
I don't want to use any heavy web application, and found that the Horde web UI,
"version 3", is suitable for me.
So far everything has been successful, except the user management part.
I can log in to Horde as the admin user, with LDAP authentication.
When I click on the users section, the existing users are listed.
When I click on update for any user, it only shows the following
"New Username (optional)
Password
Confirm Password
Full Name
Email Address"
for creating a new user, it only shows
"* Username
Password
type the password twice to confirm"
I have enabled the auth_ldap hook:
$conf['hooks']['authldap'] = true;
vim hooks.php
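if (!function_exists('_horde_hook_authldap')) {
    /**
     * Builds the LDAP entry for a user that Horde is adding or updating.
     *
     * The returned array holds the entry's 'dn' together with the attributes
     * cn, sn, objectclass, uid, homeDirectory and gidNumber, plus userPassword
     * when a password was supplied.
     *
     * @param string $userID       User name passed in by Horde.
     * @param array  $credentials  Optional values; 'user_fullname', 'password'
     *                             (new user) and 'user_pass_2' (edited user)
     *                             are read when present.
     *
     * @return array  The LDAP entry, including its 'dn'.
     */
    function _horde_hook_authldap($userID, $credentials = null)
    {
        $entry = array();

        // $userID is placed inside a DN, so escape the characters that are
        // structural there (RFC 4514). Unescaped, a name containing ',', '+'
        // or '=' would change which entry the DN points at.
        $rdnValue = addcslashes($userID, '\\,+"<>;=');
        $rdnValue = preg_replace('/ \z/', '\\\\ ', $rdnValue);
        $rdnValue = preg_replace('/^([ #])/', '\\\\$1', $rdnValue);
        $entry['dn'] = 'uid=' . $rdnValue .
            ',vd=religare.in,o=virtual,dc=religare,dc=in';

        if (isset($credentials['user_fullname'])) {
            $entry['cn'] = $credentials['user_fullname'];
        } else {
            $entry['cn'] = $userID;
        }
        $entry['sn'] = $userID;
        $entry['objectclass'][0] = 'top';
        $entry['objectclass'][1] = 'posixAccount';
        $entry['objectclass'][2] = 'shadowAccount';
        $entry['objectclass'][3] = 'inetOrgPerson';
        $entry['uid'] = $userID;
        // NOTE(review): the path is derived from $userID as-is; a name such as
        // '../x' would yield a home directory outside /home. Validate the name
        // before it reaches this hook if the directory is ever created from it.
        $entry['homeDirectory'] = '/home/' . $userID;
        $entry['gidNumber'] = 100;

        // get the next available uid and increment it if we're adding a user
        // NOTE(review): the lookup result is not used yet (the uidNumber
        // assignment below is still commented out). posixAccount entries
        // normally require a uidNumber - confirm against the directory schema.
        // The bind uses the directory admin DN from conf.php; a dedicated
        // account limited to this subtree would reduce the exposure.
        if (isset($credentials) && function_exists('ldap_connect')) {
            $params = $GLOBALS['conf']['auth']['params'];
            $ds = ldap_connect($params['hostspec']);
            if ($ds) {
                ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION,
                                (int)$params['version']);
                // Return values are checked instead of silencing every call
                // with '@', so a failed bind or search is visible in the log
                // and does not abort the hook.
                if (ldap_bind($ds, $params['binddn'], $params['password'])) {
                    $searchResults = ldap_search($ds, 'dc=religare,dc=in',
                                                 'mail=jagan at religare.in');
                    if ($searchResults) {
                        $information = ldap_get_entries($ds, $searchResults);
                        # ldap_modify($ds, 'o=virtual,dc=religare,dc=in' );
                        # $entry['uidNumber'] = $information[0]['uidnumber'][0];
                    }
                }
                ldap_close($ds);
            }
            // The original returned the undefined variable $ldap_search here,
            // which handed null back to the caller and made the password
            // handling below unreachable whenever credentials were supplied.
        }

        // need to check for new users (password) and edited users (user_pass_2)
        $plain = null;
        if (isset($credentials['password'])) {
            $plain = $credentials['password'];
        } elseif (isset($credentials['user_pass_2'])) {
            $plain = $credentials['user_pass_2'];
        }
        if ($plain !== null) {
            // md5($x, true) yields the same raw digest as mHash(MHASH_MD5, $x)
            // without needing the mhash extension.
            // NOTE(review): {MD5} is unsalted and fast to brute-force; the
            // accompanying conf.php sets $conf['auth']['params']['encryption']
            // to 'ssha', so a salted scheme accepted by the directory server
            // should be used here as well.
            $entry['userPassword'] = '{MD5}' . base64_encode(md5($plain, true));
        }

        return $entry;
    }
}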
I followed the NewLDAPHowTo and ExistingLDAPHowTo, but both of them
are for posix accounts
slapcat -b "dc=religare,dc=in"
dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
mail: shalab123 at religare.in
sn: shalab123
cn: shalab123
givenName: shalab123
mailbox: religare.in/shalab123/
uid: shalab123.religare.in
vdHome: /home/virtual/ms1
accountActive: TRUE
lastChange: 1297453
objectClass: top
objectClass: VirtualMailAccount
objectClass: MailAccount
objectClass: Vacation
objectClass: VirtualForward
mailAutoreply: shalab123 at religare.in.autoreply
quota: 10000
delete: FALSE
userPassword:: UGFzc3dvcmQ=
vacationActive: FALSE
vacationInfo: Out Of Office
vacationStart: 200906150000
vacationEnd: 200906170000
forwardActive: FALSE
structuralObjectClass: VirtualMailAccount
entryUUID: d7001c80-cb8c-1033-88c2-ed2f4bc8556b
creatorsName: cn=admin,dc=religare,dc=in
createTimestamp: 20140908101545Z
entryCSN: 20140908101545Z#000000#00#000000
modifiersName: cn=admin,dc=religare,dc=in
modifyTimestamp: 20140908101545Z
Above is for only one user
my ldif file
# shalab123 at religare.in, religare.in, virtual, religare.in
dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
mail: shalab123 at religare.in
sn: shalab123
cn: shalab123
givenName: shalab123
mailbox: religare.in/shalab123/
uid: shalab123.religare.in
#mailAlternateAddress: shalab123 at religare.in
vdHome: /home/virtual/ms1
accountActive: TRUE
lastChange: 1297453
objectClass: top
objectClass: VirtualMailAccount
objectClass: MailAccount
objectClass: Vacation
objectClass: VirtualForward
mailAutoreply: shalab123 at religare.in.autoreply
quota: 10000
delete: FALSE
userPassword: Password
vacationActive: FALSE
vacationInfo: Out Of Office
vacationStart: 200906150000
vacationEnd: 200906170000
forwardActive: FALSE
Sorry for all the fuss, but I am completely stuck now. I cannot make
this work. Please help.
My requirement is that users can be managed, updated and
created, "like in phpldapadmin". I know much about php.
When finished, it should work as follows.
1. When I click on update for a user,
email, quota, forwarding, etc. must be visible and modifiable.
2. When I click on users,
I can create a new user with all the fields "quota, vacation, etc".
The how-tos "NewLDAPHowTo and ExistingLDAPHowTo" seem to be the solution,
but I cannot make this work with the virtual users. Please help.
Below is the conf.php
<?php
// Horde configuration as posted: a flat series of assignments into $conf.
// NOTE(review): the file was published with its secrets in place (secret_key and
// the LDAP bind password); both should be treated as disclosed and replaced.
/* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
// $Horde: horde/config/conf.xml,v 1.74.2.81 2008/11/27 05:29:45 chuck Exp $
$conf['vhosts'] = false;
$conf['debug_level'] = E_ALL & ~E_NOTICE;
$conf['max_exec_time'] = 0;
$conf['compress_pages'] = true;
// NOTE(review): application secret hard-coded here and now public; generate a
// new value. What Horde derives from it is not visible in this file.
$conf['secret_key'] = 'fefe0c69ea44bec824a64f459f48a56b0c146ad7';
$conf['umask'] = 077;
$conf['use_ssl'] = 2;
$conf['server']['name'] = $_SERVER['SERVER_NAME'];
$conf['server']['port'] = $_SERVER['SERVER_PORT'];
$conf['urls']['token_lifetime'] = 30;
$conf['urls']['hmac_lifetime'] = 30;
$conf['urls']['pretty'] = false;
$conf['safe_ips'] = array();
$conf['session']['name'] = 'Horde';
$conf['session']['use_only_cookies'] = true;
$conf['session']['cache_limiter'] = 'nocache';
$conf['session']['timeout'] = 0;
// The cookie domain is taken from the web server environment.
// NOTE(review): depending on the web server setup SERVER_NAME can follow the
// request's Host header - confirm the virtual host pins it.
$conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
$conf['cookie']['path'] = '/horde';
$conf['sql']['phptype'] = false;
$conf['auth']['admins'] = array('jagan at religare.in');
$conf['auth']['checkip'] = true;
$conf['auth']['checkbrowser'] = true;
$conf['auth']['alternate_login'] = false;
$conf['auth']['redirect_on_logout'] = false;
// LDAP connection settings; the authldap hook in the same post reads hostspec,
// version, binddn and password from here for its own bind.
// NOTE(review): hostspec is a bare address with no ldaps:// scheme or TLS option
// visible, so the bind password presumably travels unencrypted - confirm.
$conf['auth']['params']['hostspec'] = '192.168.122.250';
$conf['auth']['params']['basedn'] =
'vd=religare.in,o=virtual,dc=religare,dc=in';
// NOTE(review): binds as cn=admin, the same DN that appears as creatorsName in
// the slapcat output. A dedicated account limited to the vd=religare.in subtree
// would follow least privilege.
$conf['auth']['params']['binddn'] = 'cn=admin,dc=religare,dc=in';
// NOTE(review): directory admin password stored in clear text and disclosed by
// this post; rotate it and keep this file readable by the web server user only.
$conf['auth']['params']['password'] = 'redhat';
$conf['auth']['params']['version'] = '3';
$conf['auth']['params']['ad'] = false;
$conf['auth']['params']['uid'] = 'mail';
// NOTE(review): 'ssha' here, while the posted authldap hook writes '{MD5}'
// values itself - the two disagree; presumably the hook's value is what gets
// stored when the hook is enabled. Confirm and align on the salted scheme.
$conf['auth']['params']['encryption'] = 'ssha';
$conf['auth']['params']['newuser_objectclass'] = array('top',
'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
$conf['auth']['params']['objectclass'] = array('top',
'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
$conf['auth']['params']['filter_type'] = 'objectclass';
$conf['auth']['params']['password_expiration'] = 'no';
$conf['auth']['driver'] = 'ldap';
$conf['signup']['allow'] = false;
// Logging: debug priority, written to a file under /tmp.
// NOTE(review): /tmp is shared by all local users; a debug-level application log
// belongs in a directory only the web server user can access, and the priority
// should be lowered once troubleshooting is finished.
$conf['log']['priority'] = PEAR_LOG_DEBUG;
$conf['log']['ident'] = 'HORDE';
$conf['log']['params'] = array();
$conf['log']['name'] = '/tmp/horde.log';
$conf['log']['params']['append'] = true;
$conf['log']['type'] = 'file';
$conf['log']['enabled'] = true;
$conf['log_accesskeys'] = false;
$conf['prefs']['driver'] = 'session';
$conf['alarms']['driver'] = false;
$conf['datatree']['driver'] = 'null';
$conf['group']['driver'] = 'datatree';
$conf['group']['cache'] = false;
$conf['perms']['driver'] = 'datatree';
$conf['share']['no_sharing'] = false;
$conf['share']['any_group'] = false;
$conf['share']['cache'] = false;
$conf['share']['driver'] = 'datatree';
$conf['cache']['default_lifetime'] = 86400;
$conf['cache']['params']['sub'] = 0;
$conf['cache']['driver'] = 'file';
$conf['lock']['driver'] = 'none';
$conf['token']['driver'] = 'none';
$conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
$conf['mailer']['params']['sendmail_args'] = '-oi';
$conf['mailer']['type'] = 'sendmail';
$conf['mailformat']['brokenrfc2231'] = false;
$conf['vfs']['type'] = 'none';
$conf['sessionhandler']['type'] = 'none';
$conf['sessionhandler']['memcache'] = false;
$conf['problems']['email'] = 'webmaster at example.com';
$conf['problems']['maildomain'] = 'example.com';
$conf['problems']['tickets'] = false;
$conf['problems']['attachments'] = true;
$conf['menu']['apps'] = array();
$conf['menu']['always'] = false;
$conf['menu']['links']['help'] = 'all';
$conf['menu']['links']['options'] = 'authenticated';
$conf['menu']['links']['problem'] = 'all';
$conf['menu']['links']['login'] = 'all';
$conf['menu']['links']['logout'] = 'authenticated';
$conf['hooks']['permsdenied'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['preauthenticate'] = false;
$conf['hooks']['postauthenticate'] = false;
// Both LDAP hooks are switched on; only the authldap hook function is shown in
// the post.
$conf['hooks']['authldap'] = true;
$conf['hooks']['groupldap'] = true;
$conf['portal']['fixed_blocks'] = array();
$conf['accounts']['driver'] = 'null';
$conf['user']['verify_from_addr'] = false;
$conf['imsp']['enabled'] = false;
$conf['kolab']['enabled'] = false;
$conf['memcache']['enabled'] = false;
/* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */
horde.log
Sep 10 14:24:40 HORDE [notice] [horde] Login success for
jagan at religare.in [192.168.122.1] to Horde [pid 2006 on line 138 of
"/var/www/html/horde/login.php"]
Sep 10 14:24:46 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2008 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]
Sep 10 14:24:50 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2006 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]
Sep 10 14:25:44 HORDE [debug] [horde] Hook _horde_hook_signup_getextra
in application horde not called. [pid 2005 on line 1688 of
"/var/www/html/horde/lib/Horde.php"]
Please help
--
Thanks & Regards
B Jagannath Naidu