[horde] Username and pref_uid

Hendrik Noack hn at axxedia-it.de
Fri Dec 23 12:10:57 UTC 2016 


> -----Ursprüngliche Nachricht-----
> Von: horde [mailto:horde-bounces at lists.horde.org] Im Auftrag von Christian
> Schoepplein
> Gesendet: Freitag, 23. Dezember 2016 11:24
> An: horde at lists.horde.org
> Betreff: Re: [horde] Username and pref_uid
> 
> Hi Hendrik,
> 
> thanks for your reply!
> 
> On Fri, Dec 23, 2016 at 10:12:18AM +0100, Hendrik Noack wrote:
> >> Von: horde [mailto:horde-bounces at lists.horde.org] Im Auftrag von
> >> Christian Schoepplein
> >> Gesendet: Donnerstag, 22. Dezember 2016 18:08
> >> An: horde at lists.horde.org
> >> Betreff: [horde] Username and pref_uid
> 
> [...]
> 
> >> Is there an easy way to use another pref_uid then the userId which is
> >> entered while login into horde? Or to ask it another way: Can I
> >> initialize a different pref_uid then the userId everytime a user is
login in?
> >
> >I'm guessing you are using the IMAP server for authentication via horde
> >imp then?
> 
> Yes.
> 
> >I'm using these hooks, so my login can be different from the mail
address.
> 
> Thanks for the hooks. I am also using some hooks already to get the
> mailaddress for a user and this is working fine so far.
> 
> >So with the first hook (if you change it accordingly to your needs),
> >you can build a uid like firstname.lastname.additional_string from
> >firstname.lastname <= did you mean this one with authusername?
> 
> Yes, that is what I've tried. But if I change the auth username and add
the
> additional string, login to the imap server failes because the imap
serveris
> only accepting usernames without the additional string.
> 
> Maybe I should try to describe the problem more detailed...
> 
> In our environment the users have the login firstname.lastname. But it
> happens from time to time, that a user is leaving and another user with
the
> same combination of first and lastname is created by our stupid peace of
> identity management software :-(. If such a new user, with the same
> combination of first and lastname an old user had before, is login into
horde,
> the settings of the old user are loaded because the horde_prefs table
still
> contains the entries for the firstname.lastname combination.
> 
> I am able to identify different users with the same combination of first
and
> lastname by another attribute set by our identity management software,
> that is the string I'd like to add and use in the horde_prefs table in the
> pref_uid collumn.
> 
> So the problem is, that I need to use the combination firstname.lastname
for
> login into horde, imp, e.g., but also use
> firstname.lastname at additional_string during a session as the internal
horde
> userid.
> 
> I hope the problem / question is more clear now and maybe someone has a
> hint how to solve it :-).

OK understood. So if you stick to your post authentication hook
authusername, you should definitely check your imp backends.php (i.e.
backends.php.local)

I'm referring to this option:
* hordeauth: (mixed) Use Horde authentication?  One of:
 *     - true: [DEFAULT] IMP will attempt to use the user's existing
 *             credentials (the username/password they used to log in to
 *             Horde with) to login to this server.
 *             Everything after and including the first @ in the username
 *             will be stripped off before attempting authentication.
 *     - 'full': The username will be used unmodified.
 *     - false: Don't use Horde authentication; always require separate
login.

My default setting is false (the opposite of what it's telling in the
description). My guess is that imp sends the login
credentials one time to the IMAP server, this succeeds while it is not
altered and after the post auth hook it is sending the altered login
credentials which will fail, when hordeauth iss et to false. I'm never asked
for a seperate login/password when it is set to false.

You might want to try the other two options.

I'm curious: why does it only affect the horde prefs? Are you clearing out
the users mail folders manually when you delete them? Otherwise it should be
problem with IMAP too!
If you use a script to delete the IMAP folders, you could also use that
script for deleting the database entry.


> 
> Thanks and kind regards,
> 
>   Schoepp
> 
> --
> Christian Schoepplein
> 
> Landeshauptstadt Muenchen
> Referat fuer Bildung und Sport
> Zentrum fuer Informationstechnologie im Bildungsbereich (ZIB)
> - Netze und Servermanagement
> 
> Postanschrift:                          Bueroanschrift:
> 
> Landeshauptstadt Muenchen               Landeshauptstadt Muenchen
> Referat fuer Bildung und Sport          Referat fuer Bildung und Sport
> Postfach                                Bayerstr. 28 (Raum 5.326)
> 
> 80313 Muenchen                          80335 Muenchen
> 
> T: +49 (0)89 233-87623
> E: c.schoepplein (at) musin.de
> I: http://www.zib.musin.de
> 
> Elektronische Kommunikation mit der Landeshauptstadt Muenchen, siehe:
> http://www.muenchen.de/ekomm
> 
> Bitte denken Sie an die Umwelt, bevor Sie diese E-Mail ausdrucken. Pro
Blatt
> sparen Sie durchschnittlich 15g Holz, 260ml Wasser, 0,05kWh Strom und 5g
> CO2.
> 
> --
> Horde mailing list
> Frequently Asked Questions: http://horde.org/faq/ To unsubscribe, mail:
> horde-unsubscribe at lists.horde.org



Mit freundlichen Grüßen / Best regards
   
Hendrik Noack

   
--
Axxedia IT GmbH

Schwabstr. 30
71106 Magstadt
   
Tel +49 7159 4979763
Fax +49 7159 4979775
   
Mail hn at axxedia-it.de
   
Sitz der Gesellschaft: Schwabstr. 30, 71106 Magstadt
Geschäftsführer: Hendrik Noack . Amtsgericht: Stuttgart HRB 727296
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4563 bytes
Desc: not available
URL: <https://lists.horde.org/archives/horde/attachments/20161223/52b431f2/attachment.bin>

More information about the horde mailing list