[horde] Problems with PASSWD and LDAP

David Cunningham dcunningham at additionnetworks.net
Wed Jan 20 15:08:12 UTC 2016


Here is a further follow up…

This works:

<?php
$backends['ldap'] = array(
    'disabled' => false,
    'name' => 'Courier Mail Server',
    'preferred' => 'courier.additionnetworks.net<http://courier.additionnetworks.net>',
    'driver' => 'Ldap',
    'policy' => array(
        'minLength' => 6,
        'minNumeric' => 1,
    ),
    'params' => array(
        'host' => 'courier.additionnetworks.net<http://courier.additionnetworks.net>',
        'port' => 389,
        'basedn' => 'ou=test.mecnet.net<http://test.mecnet.net>,ou=customers,dc=mecnet,dc=net',
        // LDAP object key attribute.
        'uid' => 'uid',
        // The attribute storing the password.
        //'attribute' => 'Password',
        // These attributes will enable shadow password policies.
        // 'shadowlastchange' => 'shadowLastChange',
        // 'shadowmin' => 'shadowMin',
        // This will be appended to the username when looking for the userdn.
        //'realm' => '',
        // Use this filter when searching for the user's DN.
        //'filter' => 'uid',
        // Hash method to use when storing the password
        'encryption' => 'crypt',
        // Whether to enable TLS for this LDAP connection
        // Note: make sure that the host matches cn in the server certificate.
        'tls' => false,
        // Determine the user's DN. %u will be replaced by the user's ID.
        // Alternatively, disable this option and instead use the 'userdn'
        // hook (config/hooks.php) to dynamically set the userdn.
        //'userdn' => 'uid=%u,ou=%d,ou=customers,dc=mecnet,dc=net'
    ),
);


But!!!  I cannot do that… I need the domain name (IE, test.mecnet.net<http://test.mecnet.net> in this example) to be dynamic as I have dozens of different domains logging in.  This user is dcunningham at test.mecnet.net<mailto:dcunningham at test.mecnet.net>.  I need that OU to be dynamic.  It says that %d should be replaced with the domain, but it does not work.  When searching the code, I do not see a str_replace for %d… just %u.

Dave




On Jan 20, 2016, at 8:38 AM, David Cunningham <dcunningham at additionnetworks.net<mailto:dcunningham at additionnetworks.net>> wrote:

Hi All, especially Jan,

I never received a follow-up to this.  Can you help?

Dave



On Jan 14, 2016, at 3:49 PM, David Cunningham <dcunningham at additionnetworks.net<mailto:dcunningham at additionnetworks.net>> wrote:

  {
      // Example: Provide LDAP server with a userdn so that you do not
      // have to perform anonymous binds.
      return 'uid=' . $authid . ',ou=$domain,ou=customers,dc=mecnet,dc=net';
  }



Dave

--
Horde mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: horde-unsubscribe at lists.horde.org<mailto:horde-unsubscribe at lists.horde.org>

--
Horde mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: horde-unsubscribe at lists.horde.org<mailto:horde-unsubscribe at lists.horde.org>



More information about the horde mailing list