[sork] ldap password change question
eculp at encontacto.net
eculp at encontacto.net
Tue Mar 18 17:21:45 PST 2003
Quoting Joe Cave <Joe at tendocom.com>:
| hi list,
| trying to migrate my horde to ldap backend and i'm having a problem changing
| passwords in ldap. when i try and change the passwd i get this error in
| horde:
|
| Failure in changing password : User not found.
|
| i think i've been looking at too much ldap for a while so maybe another pair
| of eyes can help me sort this out? here's my info:
|
| - horde/passwd stable versions as of a couple days ago
|
| here's my ldap access:
|
| access to * attr=userPassword,cn,sn,givenName,hordePrefs,impPrefs,turbaPrefs
| by self write
| by * auth
Hey Joe,
Just from your ACL, I'm going to take a stab in the dark. The driver
expects to be able to do an anonymous bind first which you are not allowing.
I think that the solution is to use the passwd hooks that are defined in
horde/config/hooks.php. I need to do that too. I'm using an old ldap.php
driver that I hacked to solve the problem before the hooks and had actually
forgotten about them. Thanks for reminding me:-)
Good luck,
ed
| here's my ldap user:
|
| # joe, accounts, ld.dir
| dn: uid=joe,ou=accounts,dc=ld,dc=dir
| sn: joe
| cn: joe cave
| objectClass: top
| objectClass: person
| objectClass: organizationalPerson
| objectClass: inetOrgPerson
| objectClass: qmailUser
| objectClass: hordePerson
| mail: joe at netwrek.net
| mailMessageStore: /var/qmail/maildirs/joe
| mailHost: bandit
| uid: joe
| userPassword:: bGRhcGxkYXA=
| ou: personal_addressbook
|
| here's my backends.php:
|
| $backends['ldap'] = array(
| 'name' => 'ldap',
| 'preferred' => '',
| 'password policy' => array(
| 'minLength' => 7,
| 'maxLength' => 16
| ),
| 'driver' => 'ldap',
| 'params' => array(
| 'host' => 'localhost',
| 'port' => 389,
| 'basedn' => 'ou=accounts,dc=ld,dc=dir',
| 'uid' => 'uid',
| 'realm' => '', // this will be appended to the username when
| // looking for the userdn.
| // 'userdn' => 'uid=' . Auth::getAuth() . ',ou=accounts,dc=ld,dc=dir,
| 'encryption' => 'plain'
| )
| );
|
| here's my conf.php:
|
| $conf['menu']['apps'] = array();
| $conf['backend']['backend_list'] = 'hidden';
| $conf['password']['strengthtests'] = true;
| $conf['hooks']['username'] = false;
| $conf['hooks']['default_username'] = false;
|
| here's the ldap log:
|
| [ID 293980 local4.debug] daemon: conn=114 fd=15 connection from
| IP=127.0.0.1:30589 (IP=0.0.0.0:389) accepted.
| [ID 347666 local4.debug] conn=114 op=0 BIND dn="" method=128
| [ID 217296 local4.debug] conn=114 op=0 RESULT tag=97 err=0 text=
| [ID 902418 local4.debug] conn=114 op=1 SRCH base="ou=accounts,dc=ld,dc=dir"
| scope=2 filter="(uid=joe)"
| [ID 362707 local4.debug] conn=114 op=1 SEARCH RESULT tag=101 err=0 nentries=0
| text=
| [ID 338319 local4.debug] conn=114 op=2 UNBIND
| [ID 850449 local4.debug] conn=114 fd=15 closed
|
| what am i missing here? any input is appreciated. also, i know in cvs version
| its possible to lock the username to the uid of the person logged in. is it
| possible with stable version also? thx much.
|
| - j
|
|
| --
| Sork mailing list
| Frequently Asked Questions: http://horde.org/faq/
| To unsubscribe, mail: sork-unsubscribe at lists.horde.org
|
--
-------------------------------------------------
More information about the sork
mailing list