[sork] Re: Passwd changing IMP + LDAP + POP3

Edwin Culp eculp@encontacto.net
Fri, 28 Jun 2002 18:06:36 -0700


It seems to work great.



 | Please test it and let me know what happens.

It works if your ACLs allow anonymous reads -- or writes :-)  My
workaround is to change the method for determining the user's dn in ldap.php

    function lookupdn($user, $realm, $basedn, $uid) {
//      $sr = ldap_search($this->ds, $basedn, "$uid=$user@$realm");
//      $entry = ldap_first_entry($this->ds, $sr);
//      $dn = ldap_get_dn($this->ds, $entry);
      $dn = $basedn;
      return $dn;
    }

Which makes the function a placeholder, at best, for now.

In my conf.php I just added the following as basedn

basedn => 'mail=' . $usermail . ',ou=people,o=worldinternet.org',

That way I do not depend on an anonymous search to find the dn that fails
with read permission.


 | 
 | The issue with this that was reported to me, as opposed to the other way
 | of binding as root and changing the password, is as follows:
 | 
 | > now this works perfect in my configuration, but when using pam-ldap, the
 | >
 | > by anonymous auth
 | >
 | > has to be
 | >
 | > by anonymous read

That would be the same with or without pam-ldap, IMO.  I am not using pam-ldap
and see the same.

 | >
 | > otherwise pam-ldap refuses to authenticate. At least that's what I've read a
 | > couple of times.
 | 
 | Anyone know anything about pam-ldap and why its ldap acl might differ from 
 | other installations?

I don't see why it would. 

ed
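
The workaround described in this message (build the entry's DN from the login address instead of searching anonymously, then bind as the user), shown as an added example that is not part of the original message or of the sork code. The function names and the `example.org` addresses are made up for illustration; the suffix is the one from the conf.php line above. Because the address is user input, it is escaped before it is placed in the DN.

```php
<?php
// Added example, not Horde/sork code. Requires PHP's ldap extension.
// Suffix taken from the conf.php line quoted in the message.
const PEOPLE_SUFFIX = 'ou=people,o=worldinternet.org';

// Build the entry DN from the login mail address without any search.
// Even a valid address can contain DN metacharacters ("+" starts a
// multi-valued RDN), so the value is escaped as an RDN value first.
function build_user_dn(string $mail, string $suffix = PEOPLE_SUFFIX): string
{
    if (strlen($mail) > 254 || !filter_var($mail, FILTER_VALIDATE_EMAIL)) {
        throw new InvalidArgumentException('not a mail address');
    }
    return 'mail=' . ldap_escape($mail, '', LDAP_ESCAPE_DN) . ',' . $suffix;
}

// Bind as the user with the old password, then replace userPassword.
// Assumption: $ds comes from ldap_connect() with protocol v3 and TLS
// already configured by the caller.
function change_password($ds, string $mail, string $old, string $newValue): bool
{
    // Many servers treat a bind with a DN and an empty password as an
    // unauthenticated bind that succeeds, so refuse it up front.
    if ($old === '' || $newValue === '') {
        return false;
    }
    $dn = build_user_dn($mail);
    if (!@ldap_bind($ds, $dn, $old)) {
        // Wrong password, or the ACL on userPassword lacks "by anonymous auth".
        return false;
    }
    // Assumption: the directory's ACLs let the bound user write its own
    // userPassword. $newValue is stored as given; hashing is up to the caller.
    return @ldap_mod_replace($ds, $dn, ['userPassword' => [$newValue]]);
}

// Constructed sample addresses; building the DN needs no server.
foreach (['ed@example.org', 'ed+lists@example.org'] as $m) {
    echo build_user_dn($m), "\n";
}
```

With this flow the anonymous identity only needs `auth` access to userPassword for the bind to succeed, not `read` access for a search.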