[horde] passwd again
Jan Schneider
jan at horde.org
Thu Nov 17 10:35:17 UTC 2016
Zitat von Frank Lienhard <frank at mclien.de>:
> On 11/16/2016 03:23 PM, Hendrik Noack wrote:
>>> -----Ursprüngliche Nachricht-----
>>> Von: horde [mailto:horde-bounces at lists.horde.org] Im Auftrag von Frank
>>> Lienhard
>>> Gesendet: Mittwoch, 16. November 2016 15:14
>>> An: horde at lists.horde.org
>>> Betreff: Re: [horde] passwd again
>>>
>>>
>>>
>>> On 11/16/2016 03:00 PM, Hendrik Noack wrote:
>>>>> -----Ursprüngliche Nachricht-----
>>>>> Von: horde [mailto:horde-bounces at lists.horde.org] Im Auftrag von
>>>>> Frank Lienhard
>>>>> Gesendet: Mittwoch, 16. November 2016 14:45
>>>>> An: horde at lists.horde.org
>>>>> Betreff: Re: [horde] passwd again
>>>>>
>>>>>
>>>>>
>>>>> On 11/16/2016 01:32 PM, Arjen de Korte wrote:
>>>>>> Citeren Frank Lienhard <frank at mclien.de>:
>>>>>>
>>>>>>> I installed passwd according to official doku via pear.
>>>>>>>
>>>>>>> But I get:
>>>>>>> No backend configured for this host when trying to change passwords
>>>>>>> as user.
>>>>>>>
>>>>>>> I understand there is some backend to configure, but I lack the
>>>>>>> knowledge where to define and more important what backend (most
>>>>> post
>>>>>>> talk about ldap, which seams wrong in my setup, since I don't use
>>>>>>> any ldap server. So what is the default way of how horde organizes
>>>>>>> user/passwd)?
>>>>>>
>>>>>> Horde by default uses the IMAP server to authenticate users. If you
>>>>>> didn't change that, you're the only one who can tell how your IMAP
>>>>>> server authenticates users. The backend you need to configure,
>>>>>> depends on the method your IMAP server uses.
>>>>>>
>>>>>>
>>>>>>
>>>>> Is that still so, if I use the groupware variante of horde (without
>>>>> the
>>>> webmail
>>>>> part) ?
>>>>
>>>> So how do you organize your user accounts? The webinterface offers
>>>> quite a lot of options for user authentication, even if you don't use
>>>> an IMAP server. If you have local user accounts only on that server,
>>>> you could use PAM for authentication, simply because most linux
>>>> distributions have PAM already set up. If you have a Microsoft
>>>> environment with Active Directory running, LDAP ist he way to go,
>>>> since AD is just a little different from normal LDAP. There a lots of
>> good
>>> tutorials out there for AD.
>>>>
>>>> I personally use the webmail edition. User authentication is done via
>>>> PAM, but not in Horde directly. I have my SMTP and IMAP server set to
>>>> authenticate users against PAM. I have my users and groups in an
>>>> Active Directory which is connected to PAM via winbind (or sssd in
>>>> newer installations). That way I can ues different services, but
>>>> always the same authentication mechanism.
>>>
>>> What I did is I installed the grouware edition and didn't touch the
>> default
>>> values that com with it (except forcing horde to https).
>>> I then installed the passwd module to let the users change their own
>> passwd,
>>> which apparently won't work in this combination.
>>> I use the horde admin user to genereate new users.
>>>
>>> The default setting of the groupware edition has the following setting for
>>> that:
>>> Configuration -Authentication - $conf[auth][driver] is set to SQL
>>> Authentcation and $conf[auth][params][driverconfig] to horde defaults
>>>
>>> LDAP and IMAP servers are disabled by default.
>>>
>>> So somehow passwd seems not to be able to communicate with the SQL
>>> driver?
>>
>> Ok I think I can't give you any better advice, because I never used SQL
>> authentication.
>> There is a lot of options in the web interface for SQL auth, so I assume
>> your SQL auth is working fine apart from passwd?
> exactly
>
>>
>> https://www.horde.org/apps/passwd/docs/INSTALL/#configuring-passwd
> there are only some settings, from which only
> $conf[backend][backend_list] seems fitting. Descriptioin text is:
> " Should we display a list of backends (defined in config/backends.php)
> for users to choose from? If 'hidden', then you can use the 'preferred'
> mechanism in backends.local.php to auto-select based on an HTTP
> virtualhost or another piece of data. If 'shown', the user will be able
> to pick from any of the options."
>>
>> Sound like you just need a few settings in the web interface to get it
>> running. Sorry, maybe someone else with SQL auth experience can help you.
>>
> The above seems to imply, that it is expected that you do the
> confguration of the backend directly in the config files. I looked into
> it and found (in .../horde/passwd/config/backends.php), that by default
> ALL backends are set to "'disabled' => true,"
> So I think I need to have a backend confg file to edit. Preferable
> generate a backends.local.php instead of editing backends.php
>
> There are 2 sql backends, though:
> "hordesql" and "sql" (and there is also a "hordeauth", which seems the
> wrong option to me , since the "$conf[auth][driver]" is set to SQL)
Just set
$backends['hordeauth']['disabled'] = false;
in backends.local.php.
--
Jan Schneider
The Horde Project
http://www.horde.org/
More information about the horde
mailing list