[horde] Horde 5.2.13 (final)

Jan Schneider jan at horde.org
Wed Dec 21 17:25:35 UTC 2016 

Zitat von Jens Wahnes <wahnes at uni-koeln.de>:

> On Mon, Dec 19 2016, at 14:58:46 +0000, Michael J Rubinsky wrote:
>
>> Quoting Anthony Joseph Messina <amessina at messinet.com>:
>>
>>> On Monday, December 19, 2016 8:28:39 AM CST Volker Then wrote:
>>>> Quoting Michael J Rubinsky <mrubinsk at horde.org>:
>>>> > The Horde Team is pleased to announce the final release of the Horde
>>>> > Application Framework version 5.2.13.
>>>>
>>>> Hi Mike,
>>>>
>>>> did you change something on the ldap authentication mechanism lately?
>>>> After updating conf.php, user logins are all denied. I reversed back
>>>> to the old conf file, and authentication is working again.
>>>>
>>>> Volker
>>>
>>> It seems the following ['user'] params were added.  I use FreeIPA,  
>>> so my LDAP
>>> settings are as below (some lines wrapped).  With the following,
>>> authentication works again.
>>
>> AFAIKT, there hasn't been any change to the ldap auth parameters in well
>> over a year. Where do you see that these were recently added?
>
> I've seen similar problems with our setup.  The new version 5.2.13
> requires the conf.php to be updated via the web interface. When doing
> so, the "Id" line in conf.php is updated and, in our case, the
> following lines were added:
>
> $conf['ldap']['user']['uid'] = 'uid';
> $conf['ldap']['user']['objectclass'] = array('*');
> $conf['ldap']['user']['filter_type'] = 'objectclass';
>
> If I remove these three lines (leaving the changed line that starts
> with "// $Id" intact), LDAP authentication works fine and horde does
> not complain about needing to update the "Horde" configuration file
> anymore.
>
> Could it be that the configuration editor uses a different set of
> default attributes than the actual authentication code does?
>
> I do not tend to fiddle with conf.php often, so it may well be a bug
> that was not introduced lately, but has been with the configuration
> editor for a while now.

This would have happened in September then, with the release of  
Horde_Core 2.26.0:

* [jan] Allow to specify user DN search parameters for LDAP with all  
bind methods (Request #11697, heinz at htl-steyr.ac.at).

So are you guys saying that having these set by default breaks the  
existing LDAP configuration?

> Another thing about the configuration editor that has bothered me for a
> quite some time is that it seems to be forgetting the
> $conf['sql']['read']['hostspec'] setting. With a split-read
> configuration for MySQL, it will always enter the name of the "master"
> SQL server into that field unless you manually edit it to the
> designated "slave" SQL server name. That is, the once correct setting
> of $conf['sql']['read']['hostspec'] in conf.php is overwritten by a
> wrong one unless one remembers to fix that up in the config editor.
>
>
> Jens

Please try the latest Horde_Core package from Git that I just committed.

-- 
Jan Schneider
The Horde Project
https://www.horde.org/

More information about the horde mailing list