[horde] User management using horde web UI

Jan Schneider jan at horde.org
Fri Sep 12 09:01:18 UTC 2014


Quoting Jagannath Naidu <jagannath.naidu at fosteringlinux.com>:

> Dear All,
>
> I am assigned a task to implement a web UI to manage users from the
> ldap backend.
> And I don't want to use any heavy web applications. Found that horde web
> "version 3" is suitable for me.
>
> Till now everything is successful. Except the user management part.
> I can login to horde as admin user, with ldap authentication.
> When I click on the users section, the existing users are listed.
>
> When I click on update for any user, it only shows the following
> "New Username (optional)
> Password
> Confirm Password
> Full Name
> Email Address"
>
> for creating a new user, it only shows
> "* Username
> Password
> type the password twice to confirm"
>
>
> I have enabled the auth_ldap hook
> $conf['hooks']['authldap'] = true;
>
> vim hooks.php
> if (!function_exists('_horde_hook_authldap')) {
>     function _horde_hook_authldap($userID, $credentials = null)
>     {
>         $entry['dn'] = 'uid=' . $userID . ',vd=religare.in,o=virtual,dc=religare,dc=in';
>         if (isset($credentials) && isset($credentials['user_fullname'])) {
>             $entry['cn'] = $credentials['user_fullname'];
>         } else {
>             $entry['cn'] = $userID;
>         }
>         $entry['sn'] = $userID;
>         $entry['objectclass'][0] = 'top';
>         $entry['objectclass'][1] = 'posixAccount';
>         $entry['objectclass'][2] = 'shadowAccount';
>         $entry['objectclass'][3] = 'inetOrgPerson';
>         $entry['uid'] = $userID;
>         $entry['homeDirectory'] = '/home/' . $userID;
>         $entry['gidNumber'] = 100;
>
>         // get the next available uid and increment it if we're adding a user
>         if (isset($credentials)) {
>             $ds = @ldap_connect($GLOBALS['conf']['auth']['params']['hostspec']);
>             @ldap_set_option($ds, LDAP_OPT_PROTOCOL_VERSION, $GLOBALS['conf']['auth']['params']['version']);
>             @ldap_bind($ds, $GLOBALS['conf']['auth']['params']['binddn'], $GLOBALS['conf']['auth']['params']['password']);
>             $searchResults = @ldap_search($ds, 'dc=religare,dc=in', 'mail=jagan at religare.in'  );
>             $information = @ldap_get_entries($ds, $searchResults);
> #            ldap_modify($ds, 'o=virtual,dc=religare,dc=in' );
>             @ldap_close($ds);
> #            $entry['uidNumber'] = $information[0]['uidnumber'][0];
>             return $ldap_search;
>         }
>
>         // need to check for new users (password) and edited users (user_pass_2)
>         if (isset($credentials) && isset($credentials['password'])) {
>             $entry['userPassword'] =  '{MD5}' . base64_encode(mHash(MHASH_MD5, $credentials['password']));
>         } else if (isset($credentials) && isset($credentials['user_pass_2'])) {
>             $entry['userPassword'] =  '{MD5}' . base64_encode(mHash(MHASH_MD5, $credentials['user_pass_2']));
>         }
>         return $entry;
>     }
> }
>
>
> I followed the NewLDAPHowTo and ExistingLDAPHowTo, but both of them
> are for posix accounts
>
> slapcat -b "dc=religare,dc=in"
> dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
> mail: shalab123 at religare.in
> sn: shalab123
> cn: shalab123
> givenName: shalab123
> mailbox: religare.in/shalab123/
> uid: shalab123.religare.in
> vdHome: /home/virtual/ms1
> accountActive: TRUE
> lastChange: 1297453
> objectClass: top
> objectClass: VirtualMailAccount
> objectClass: MailAccount
> objectClass: Vacation
> objectClass: VirtualForward
> mailAutoreply: shalab123 at religare.in.autoreply
> quota: 10000
> delete: FALSE
> userPassword:: UGFzc3dvcmQ=
> vacationActive: FALSE
> vacationInfo: Out Of Office
> vacationStart: 200906150000
> vacationEnd: 200906170000
> forwardActive: FALSE
> structuralObjectClass: VirtualMailAccount
> entryUUID: d7001c80-cb8c-1033-88c2-ed2f4bc8556b
> creatorsName: cn=admin,dc=religare,dc=in
> createTimestamp: 20140908101545Z
> entryCSN: 20140908101545Z#000000#00#000000
> modifiersName: cn=admin,dc=religare,dc=in
> modifyTimestamp: 20140908101545Z
>
> Above is for only one user
>
> my ldif file
> # shalab123 at religare.in, religare.in, virtual, religare.in
> dn: mail=shalab123 at religare.in,vd=religare.in,o=virtual,dc=religare,dc=in
> mail: shalab123 at religare.in
> sn: shalab123
> cn: shalab123
> givenName: shalab123
> mailbox: religare.in/shalab123/
> uid: shalab123.religare.in
> #mailAlternateAddress: shalab123 at religare.in
> vdHome: /home/virtual/ms1
> accountActive: TRUE
> lastChange: 1297453
> objectClass: top
> objectClass: VirtualMailAccount
> objectClass: MailAccount
> objectClass: Vacation
> objectClass: VirtualForward
> mailAutoreply: shalab123 at religare.in.autoreply
> quota: 10000
> delete: FALSE
> userPassword: Password
> vacationActive: FALSE
> vacationInfo: Out Of Office
> vacationStart: 200906150000
> vacationEnd: 200906170000
> forwardActive: FALSE
>
>
>
> Sorry for all the fuss, but I am totally blind now. I can not make
> this work now. Please help.
>
> My requirement is that the users can be managed, updated,
> created, "like in phpldapadmin". I know much about php.
>
>
> After finish, it should work as follows.
> 1. When I click on update a user
>     email, quota, forwarding, etc. must be visible and must be modifiable
> 2. When I click on users
>    I can create a new user with all the fields "quota, vacation, etc"

Horde is not a full-featured LDAP administration tool. The user
management is limited to the fields that you see in the interface.

You can use the signup extra hooks though to extend these fields,
though you need to implement the LDAP and PHP logic yourself then.

> The howtos "NewLDAPHowTo and ExistingLDAPHowTo" seem to be the solution,
> but I can not make this work with the virtual user. Please help.
>
>
> Below is the conf.php
>
> <?php
> /* CONFIG START. DO NOT CHANGE ANYTHING IN OR AFTER THIS LINE. */
> // $Horde: horde/config/conf.xml,v 1.74.2.81 2008/11/27 05:29:45 chuck Exp $
> $conf['vhosts'] = false;
> $conf['debug_level'] = E_ALL & ~E_NOTICE;
> $conf['max_exec_time'] = 0;
> $conf['compress_pages'] = true;
> $conf['secret_key'] = 'fefe0c69ea44bec824a64f459f48a56b0c146ad7';
> $conf['umask'] = 077;
> $conf['use_ssl'] = 2;
> $conf['server']['name'] = $_SERVER['SERVER_NAME'];
> $conf['server']['port'] = $_SERVER['SERVER_PORT'];
> $conf['urls']['token_lifetime'] = 30;
> $conf['urls']['hmac_lifetime'] = 30;
> $conf['urls']['pretty'] = false;
> $conf['safe_ips'] = array();
> $conf['session']['name'] = 'Horde';
> $conf['session']['use_only_cookies'] = true;
> $conf['session']['cache_limiter'] = 'nocache';
> $conf['session']['timeout'] = 0;
> $conf['cookie']['domain'] = $_SERVER['SERVER_NAME'];
> $conf['cookie']['path'] = '/horde';
> $conf['sql']['phptype'] = false;
> $conf['auth']['admins'] = array('jagan at religare.in');
> $conf['auth']['checkip'] = true;
> $conf['auth']['checkbrowser'] = true;
> $conf['auth']['alternate_login'] = false;
> $conf['auth']['redirect_on_logout'] = false;
> $conf['auth']['params']['hostspec'] = '192.168.122.250';
> $conf['auth']['params']['basedn'] = 'vd=religare.in,o=virtual,dc=religare,dc=in';
> $conf['auth']['params']['binddn'] = 'cn=admin,dc=religare,dc=in';
> $conf['auth']['params']['password'] = 'redhat';
> $conf['auth']['params']['version'] = '3';
> $conf['auth']['params']['ad'] = false;
> $conf['auth']['params']['uid'] = 'mail';
> $conf['auth']['params']['encryption'] = 'ssha';
> $conf['auth']['params']['newuser_objectclass'] = array('top', 'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
> $conf['auth']['params']['objectclass'] = array('top', 'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward');
> $conf['auth']['params']['filter_type'] = 'objectclass';
> $conf['auth']['params']['password_expiration'] = 'no';
> $conf['auth']['driver'] = 'ldap';
> $conf['signup']['allow'] = false;
> $conf['log']['priority'] = PEAR_LOG_DEBUG;
> $conf['log']['ident'] = 'HORDE';
> $conf['log']['params'] = array();
> $conf['log']['name'] = '/tmp/horde.log';
> $conf['log']['params']['append'] = true;
> $conf['log']['type'] = 'file';
> $conf['log']['enabled'] = true;
> $conf['log_accesskeys'] = false;
> $conf['prefs']['driver'] = 'session';
> $conf['alarms']['driver'] = false;
> $conf['datatree']['driver'] = 'null';
> $conf['group']['driver'] = 'datatree';
> $conf['group']['cache'] = false;
> $conf['perms']['driver'] = 'datatree';
> $conf['share']['no_sharing'] = false;
> $conf['share']['any_group'] = false;
> $conf['share']['cache'] = false;
> $conf['share']['driver'] = 'datatree';
> $conf['cache']['default_lifetime'] = 86400;
> $conf['cache']['params']['sub'] = 0;
> $conf['cache']['driver'] = 'file';
> $conf['lock']['driver'] = 'none';
> $conf['token']['driver'] = 'none';
> $conf['mailer']['params']['sendmail_path'] = '/usr/lib/sendmail';
> $conf['mailer']['params']['sendmail_args'] = '-oi';
> $conf['mailer']['type'] = 'sendmail';
> $conf['mailformat']['brokenrfc2231'] = false;
> $conf['vfs']['type'] = 'none';
> $conf['sessionhandler']['type'] = 'none';
> $conf['sessionhandler']['memcache'] = false;
> $conf['problems']['email'] = 'webmaster at example.com';
> $conf['problems']['maildomain'] = 'example.com';
> $conf['problems']['tickets'] = false;
> $conf['problems']['attachments'] = true;
> $conf['menu']['apps'] = array();
> $conf['menu']['always'] = false;
> $conf['menu']['links']['help'] = 'all';
> $conf['menu']['links']['options'] = 'authenticated';
> $conf['menu']['links']['problem'] = 'all';
> $conf['menu']['links']['login'] = 'all';
> $conf['menu']['links']['logout'] = 'authenticated';
> $conf['hooks']['permsdenied'] = false;
> $conf['hooks']['username'] = false;
> $conf['hooks']['preauthenticate'] = false;
> $conf['hooks']['postauthenticate'] = false;
> $conf['hooks']['authldap'] = true;
> $conf['hooks']['groupldap'] = true;
> $conf['portal']['fixed_blocks'] = array();
> $conf['accounts']['driver'] = 'null';
> $conf['user']['verify_from_addr'] = false;
> $conf['imsp']['enabled'] = false;
> $conf['kolab']['enabled'] = false;
> $conf['memcache']['enabled'] = false;
> /* CONFIG END. DO NOT CHANGE ANYTHING IN OR BEFORE THIS LINE. */
>
>
> horde.log
> Sep 10 14:24:40 HORDE [notice] [horde] Login success for jagan at religare.in [192.168.122.1] to Horde [pid 2006 on line 138 of "/var/www/html/horde/login.php"]
> Sep 10 14:24:46 HORDE [debug] [horde] Hook _horde_hook_signup_getextra in application horde not called. [pid 2008 on line 1688 of "/var/www/html/horde/lib/Horde.php"]
> Sep 10 14:24:50 HORDE [debug] [horde] Hook _horde_hook_signup_getextra in application horde not called. [pid 2006 on line 1688 of "/var/www/html/horde/lib/Horde.php"]
> Sep 10 14:25:44 HORDE [debug] [horde] Hook _horde_hook_signup_getextra in application horde not called. [pid 2005 on line 1688 of "/var/www/html/horde/lib/Horde.php"]
>
> Please help
> --
> Thanks & Regards
>
> B Jagannath Naidu



-- 
Jan Schneider
The Horde Project
http://www.horde.org/
https://www.facebook.com/hordeproject
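
A hardened version of the entry-building step for the virtual-mail schema shown in the slapcat output, as an added example that is not part of the original thread or of Horde: it validates the address before it reaches the DN and stores a salted {SSHA} value (matching the 'ssha' setting in conf.php) instead of the unsalted {MD5} built in the posted hook. The function names are hypothetical, PHP 7.1+ with the ldap extension is assumed, and the attribute set and default values are copied from the sample entry rather than checked against the schema.

```php
<?php
// Added example, not Horde code. Assumes PHP 7.1+ with the ldap extension.

// Salted SHA-1 userPassword value in the {SSHA} layout: base64(digest . salt).
function example_ssha(string $password, ?string $salt = null): string
{
    $salt = $salt ?? random_bytes(8);
    return '{SSHA}' . base64_encode(sha1($password . $salt, true) . $salt);
}

// Constant-time check of a password against a stored {SSHA} value.
function example_ssha_verify(string $password, string $stored): bool
{
    $raw = strncmp($stored, '{SSHA}', 6) === 0 ? base64_decode(substr($stored, 6), true) : false;
    if ($raw === false || strlen($raw) <= 20) {
        return false;                       // not {SSHA}, or no salt after the 20-byte digest
    }
    return hash_equals(substr($raw, 0, 20), sha1($password . substr($raw, 20), true));
}

// Hypothetical helper: entry for one virtual mail account, shaped like the slapcat output.
function example_virtual_mail_entry(string $mail, string $fullName, string $password): array
{
    // Reject anything that could smuggle DN syntax or "../" into dn, uid or mailbox.
    $re = '/^([a-z0-9][a-z0-9_-]*(?:\.[a-z0-9_-]+)*)@([a-z0-9-]+(?:\.[a-z0-9-]+)+)\z/i';
    if (!preg_match($re, $mail, $m)) {
        throw new InvalidArgumentException('unexpected mail address');
    }
    [, $local, $domain] = $m;
    return [
        // ldap_escape() is kept as a second line of defence behind the regex.
        'dn' => 'mail=' . ldap_escape($mail, '', LDAP_ESCAPE_DN)
            . ',vd=' . ldap_escape($domain, '', LDAP_ESCAPE_DN)
            . ',o=virtual,dc=religare,dc=in',
        'objectclass' => ['top', 'VirtualMailAccount', 'MailAccount', 'Vacation', 'VirtualForward'],
        'mail' => $mail,
        'cn' => $fullName !== '' ? $fullName : $local,
        'sn' => $local,
        'givenName' => $local,
        'uid' => $local . '.' . $domain,
        'mailbox' => $domain . '/' . $local . '/',
        'vdHome' => '/home/virtual/ms1',     // constructed default, copied from the sample entry
        'accountActive' => 'TRUE',
        'quota' => '10000',                  // constructed default, copied from the sample entry
        'userPassword' => example_ssha($password),
    ];
}
```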


