[sork] Re: Passwd changing IMP + LDAP + POP3

Eric Rostetter eric.rostetter@physics.utexas.edu
Fri, 28 Jun 2002 20:26:04 -0500


Quoting Edwin Culp <eculp@encontacto.net>:

>  | Please test it and let me know what happens.
> 
> It works if your ACLs allow anonymous reads -- or writes :-)  My work

Are you saying you don't allow anonymous reads???  Maybe you allow only
anonymous auth?  Is it possible to allow both read+auth???

> around is to change the method for determining the user's dn in ldap.php
> 
>     function lookupdn($user, $realm, $basedn, $uid) {
> //      $sr = ldap_search($this->ds, $basedn, "$uid=$user@$realm");
> //      $entry = ldap_first_entry($this->ds, $sr);
> //      $dn = ldap_get_dn($this->ds, $entry);
>       $dn = $basedn;
>       return $dn;
>     }
> 
> Which makes the function a place holder, at best, for now.

Would it help if there were two connect/lookup routines -- one that would
log in as root and look up the user, the other which would log in as
anonymous/guest and look up the user?  Then you would configure which one
to use in the conf.php file???

> In my conf.php I just added the following as basedn
> 
> basedn => 'mail=' . $usermail . ',ou=people,o=worldinternet.org',
> 
> That way I do not depend on an anonymous search to find the dn that fails
> with read permission.

Does this always fail, or just in some installations/setups???

-- 
Eric Rostetter
The Department of Physics
The University of Texas at Austin

"TAD (Technology Attachment Disorder) is an unshakable, impractical devotion
to a brand, platform, product line, or programming language. It's relatively
harmless among the rank and file, but when management is afflicted the damage
can be measured in dollars. It's also contagious -- someone with sufficient
political clout can infect an entire organization."

--"Enterprise Strategies" columnist Tom Yager.
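
The two ways of finding the user's DN discussed in this message (searching for the entry, or building the DN directly from the mail address), as an added PHP example that is not sork/Horde code and not from either poster. The function names, the `dn_mode`, `dn_template` and `binddn` keys and the `%m` placeholder are hypothetical, and the sample inputs are constructed; it escapes the user-supplied value per RFC 4514 (DN) and RFC 4515 (filter) before it is placed in either string.

```php
<?php
// Added example, not sork/Horde code. Names, the 'dn_mode'/'dn_template'/'binddn'
// keys and the %m placeholder are hypothetical; sample inputs are constructed.

/** Escape a value for use inside an RDN (RFC 4514, hex-pair form). */
function escape_dn_value(string $v): string
{
    $out = '';
    $last = strlen($v) - 1;
    for ($i = 0; $i <= $last; $i++) {
        $c = $v[$i];
        $special = strpos('\\,+"<>;=', $c) !== false
            || ord($c) < 0x20
            || ($i === 0 && ($c === ' ' || $c === '#'))
            || ($i === $last && $c === ' ');
        $out .= $special ? sprintf('\\%02x', ord($c)) : $c;
    }
    return $out;
}

/** Escape a value for use inside a search filter (RFC 4515). */
function escape_filter_value(string $v): string
{
    return preg_replace_callback('/[\\\\*()\\x00]/',
        fn($m) => sprintf('\\%02x', ord($m[0])), $v);
}

/** Decide how to find the user's entry, as selected in the configuration. */
function plan_lookup(array $conf, string $user, string $realm): array
{
    $mail = "$user@$realm";
    if ($conf['dn_mode'] === 'template') {
        // No search needed: the DN is built locally, then used for the bind.
        return ['dn' => str_replace('%m', escape_dn_value($mail), $conf['dn_template'])];
    }
    // Search mode: bind as 'binddn' (empty string = anonymous), then search.
    return [
        'bind_as' => $conf['binddn'] ?? '',
        'base'    => $conf['basedn'],
        'filter'  => '(' . $conf['uid'] . '=' . escape_filter_value($mail) . ')',
    ];
}

$template = ['dn_mode' => 'template',
             'dn_template' => 'mail=%m,ou=people,o=example.org'];
$search   = ['dn_mode' => 'search', 'binddn' => '', 'uid' => 'mail',
             'basedn' => 'ou=people,o=example.org'];

// Constructed inputs: '+' is an RDN separator, '*' is a filter wildcard.
print_r(plan_lookup($template, 'ann+lists', 'example.org'));
print_r(plan_lookup($search, 'a*', 'example.org'));
```

In template mode the bind is the only LDAP operation, so no search under an anonymous or privileged identity is needed to find the entry.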