[sork] passwd ldap feature, searching for userdn not required on some installs..
Geff
boing at boing.com
Sun Dec 25 02:06:19 PST 2005
Howdy,
All. This password / sork thing is an excellent module. I would
suggest the following patch as an option for configuration of userdn.
So that passwd does not have to bind at all to search for the user.
And can just bind as the user to change their own password.
Thoughts and rejection are welcome and expected as always. :)
Something else I was thinking about was some way to have multiple
backends update with a single update somehow? yes of course you get
into issues with rolling back if one fails, but it would be handy from
the user's perspective if the password policies matched and every
service was up. The practical case is my OS password (via poppassd)
and LDAP (addressbook). Any desire for such a patch?
Thanks much for your time,
Geff
----
config param:
'userdn' => 'cn=' . Auth::getBareAuth() . ',ou=people,o=boing',
"ou=people,o=boing" is my container for my user objects. I guess this
could have been:
'userdn => 'cn=' . Auth::getBareAuth() . $params['basedn'];
or something as such.
kusanagi:/var/www/virtuals/mail.boing.com/htdocs/horde/passwd/lib/Driver)diff
-c ldap.php*
*** ldap.php Sat Dec 24 02:25:50 2005
--- ldap.php.dist Sat Dec 24 01:52:51 2005
***************
*** 206,215 ****
*/
function _userDN($username, $old_password)
{
! if ($this->_params['userdn']) {
! $userdn = $this->_params['userdn'];
! return $userdn;
! } else if ($GLOBALS['conf']['hooks']['userdn']) {
$userdn = Horde::callHook('_passwd_hook_userdn',
array(Auth::getAuth()));
} else {
--- 206,212 ----
*/
function _userDN($username, $old_password)
{
! if ($GLOBALS['conf']['hooks']['userdn']) {
$userdn = Horde::callHook('_passwd_hook_userdn',
array(Auth::getAuth()));
} else {
More information about the sork
mailing list