[sork] Re: Passwd changing IMP + LDAP + POP3
Edwin Culp
eculp@encontacto.net
Fri, 28 Jun 2002 08:45:08 -0700
Quoting Eric Rostetter <eric.rostetter@physics.utexas.edu>:
| Quoting dystopia@scholieren.com:
|
| > On Thu, Jun 27, 2002 at 11:32:49PM -0500, Eric Rostetter wrote:
| > > I don't run ldap (yet) so that is pretty much like jibberish to me.
| > > But I think the key is the "by self write" based on my discussions with
| > > two other people running ldap.
| >
| > Yeah. I saw you currently just login using rootdn to change a
| > userPassword but actually a user can authenticate to LDAP theirselves
| > like they do when logging in to Horde/IMP itself.
|
| I like this method, and am willing to switch to it if I get enough
| support. With you, there are now 2 for the switch, 1 against. So if
| you want I can make the change now ;)
Please make that three for the switch:-)
|
| > LDAP is very restrictive in this matter. Ie. only userPassword can be
| > changed. When writing a configuration tool in PHP in which you want a
| > user to be able to change their aliases for example, you can add these
| > attributes in your ldap conf as well. But I don't think Horde/IMP is
| > aimed to this, right? In the future it might be interesting as an
| > option/plugin :)
|
| I don't know if this would be generally useful or not. So I won't commit
| to anything at this point.
|
| > > Yes, which sounds like a good idea. BTW, are your passwords stored
| clear
| > > text or encrypted? If encrypted, what encryption scheme are you using?
| >
| > I'm currently using crypt, standard scheme used by phpQLAdmin, a
| > configuration utility for Qmail-LDAP. It supports SHA and MD5 as well
| > for passwords longer then 8 characters, but LDAP does not support
| > hashes. Source of this info is here:
| > http://www.adfinis.ch/projects/phpQLAdmin/demo/doc/faq.php
|
| Okay.
|
| > When i tried your passwd addon and filled in the correct password i get
| > this:
| >
| > Fatal error: Call to undefined function: mhash() in
| > /home/www/iis/webmail/passwd/ldap.php on line 44
|
| Yes, the current code uses the mhash() funtion of the mcrypt php extension
| to create the SHA hash. This error means you don't have mcrypt enabled
| in php. We can remove this dependency.
I think I also had to add a --with-mhash to my compile in addition to mcrypt
but I have a --with overload sometimes.
I will be trying to help out with sork. I can see it becoming a general
purpose source of webbased, horde admin tools.
ed