[horde] Username and pref_uid

Hendrik Noack hn at axxedia-it.de
Fri Dec 23 09:12:18 UTC 2016


> -----Ursprüngliche Nachricht-----
> Von: horde [mailto:horde-bounces at lists.horde.org] Im Auftrag von Christian
> Schoepplein
> Gesendet: Donnerstag, 22. Dezember 2016 18:08
> An: horde at lists.horde.org
> Betreff: [horde] Username and pref_uid
> 
> Hello,
> 
> I am updating a very old horde installation to the newest packages,
> everything fine so far. But one thing regarding username and the pref_uid,
> which is used for example to identify personal preferences in the
> horde_prefs table, is causing me headaches :-(.
> 
> To log in to horde and imapservers the login firstname.lastname shall be
used
> and the mailaddress of the users shall be firstname.lastname at domain.tld.
> This is working so far, but with that kind of setup in the horde_prefs
table all
> user settings are stored with the pref_uid firstname.lastname.
> 
> Now I am looking for a simple solution to add a additional string to the
> pref_uid, so that it looks like this:
> (firstname.lastname.additional_string
> 
> I've tried to do this using the authusername hook and I was able to change
> the string, but unfortunatly this is changing the userId variable in
general and
> the additional string is also added to mailaddresses, e.g., so a
mailaddress
> loks like firstname.lastname.additional_string at domain.tld now.
> 
> Is there an easy way to use another pref_uid then the userId which is
> entered while login into horde? Or to ask it another way: Can I initialize
a
> different pref_uid then the userId everytime a user is login in?

Hi Christian, 

I'm guessing you are using the IMAP server for authentication via horde imp
then?
I'm using imp to pass the login credentials to my dovecot imap server.

I'm using these hooks, so my login can be different from the mail address.
I'm just browsing the AD
via LDAP to get the right mail address fort he user that just logged in.

<?php
class Horde_Hooks
{
    public function prefs_init($pref, $value, $username, $scope_ob)
    {
       if (is_null($username)) {        // not logged in
                return $value;
                }

       switch ($pref) {
       case 'id':
                if (is_null($uid)) {
                        $uid = $GLOBALS['registry']->getAuth('bare');
                }
                return $uid;

        case 'from_addr':
                if($value == '') {
                $cmd = 'ldapsearch -H ldaps://someserver.example.com:636 -x
-D cn=horde,cn=Users,dc=example,dc=com -w somepassword -b dc=example,dc=com
samaccountname=' . $username . ' | /bin/grep mail: |  /usr/bin/awk \'{print
$2}\'';;
                $mails = `$cmd`;
                $mail_array = explode("\n", $mails);
                $value = $mail_array['0'];
                }
                return empty($value) ? '' : $value;


       case 'fullname':
                if($value == '') {
                $array = posix_getpwnam($username);
                $gecos_array = explode(',', $array['gecos']);
                $value = $gecos_array[0];
                }
                return empty($value) ? $username : $value;
       }
    }
}

So the first hook (id) just passes he entered uid. You could do all kinds of
checks and changes in there to transform the entered user id into something
horde can use to authenticate the user.

The second one (from_addr) changes the users email address to something
useful. I take it from the AD, but you can use any source or even build it
from the login credentials and then pass it back to horde.

The third one (fullname) changes the users display name. Very useful in case
someone changes his or her name after marriage, so I only have to change it
in AD and all the other systems pull the change from there on the next
login. In my case the gecos information is taken from the AD via winbind and
therefore the server can just use this simple local pull to get the full
name. I could just  have used the ldap query from above to get the
displayname from AD directly, but I was lazy and the example just works fine
for me.

So with the first hook (if you change it accordingly to your needs), you can
build a uid like firstname.lastname.additional_string from
firstname.lastname <= did you mean this one with authusername?

With the second hook you can keep the correct mail address in store. <= I
hope I did understand your problem and this may be a solution for you.


> 
> Cheers,
> 
>   Schoepp
> 
> --
> Christian Schoepplein
> 
> Landeshauptstadt Muenchen
> Referat fuer Bildung und Sport
> Zentrum fuer Informationstechnologie im Bildungsbereich (ZIB)
> - Netze und Servermanagement
> 
> Postanschrift:                          Bueroanschrift:
> 
> Landeshauptstadt Muenchen               Landeshauptstadt Muenchen
> Referat fuer Bildung und Sport          Referat fuer Bildung und Sport
> Postfach                                Bayerstr. 28 (Raum 5.326)
> 
> 80313 Muenchen                          80335 Muenchen
> 
> T: +49 (0)89 233-87623
> E: c.schoepplein (at) musin.de
> I: http://www.zib.musin.de
> 
> Elektronische Kommunikation mit der Landeshauptstadt Muenchen, siehe:
> http://www.muenchen.de/ekomm
> 
> Bitte denken Sie an die Umwelt, bevor Sie diese E-Mail ausdrucken. Pro
Blatt
> sparen Sie durchschnittlich 15g Holz, 260ml Wasser, 0,05kWh Strom und 5g
> CO2.
> 
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail:
> horde-unsubscribe at lists.horde.org

Mit freundlichen Grüßen / Best regards
   
Hendrik Noack

   
--
Axxedia IT GmbH

Schwabstr. 30
71106 Magstadt
   
Tel +49 7159 4979763
Fax +49 7159 4979775
   
Mail hn at axxedia-it.de
   
Sitz der Gesellschaft: Schwabstr. 30, 71106 Magstadt
Geschäftsführer: Hendrik Noack . Amtsgericht: Stuttgart HRB 727296
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4563 bytes
Desc: not available
URL: <https://lists.horde.org/archives/horde/attachments/20161223/45c225db/attachment.bin>


More information about the horde mailing list