[sork] Sork passwd with LDAP

Hervé Hénoch h.henoch at isc84.org
Wed Sep 2 11:44:19 UTC 2009


Hello,

I have a problem setting up the passwd module. I have an LDAP server for 
authentication which is running fine.

I want to use the same server to change passwords with an admin account, so 
I've used ldapadmin in etc/horde/passwd3/backends.php:

$backends['ldapadmin'] = array(
    'name' => 'Example LDAP Server with Admin Bindings ',
    'preferred' => 'vsldap.isc84.org',
    'password policy' => array(
        'minLength' => 3,
        'maxLength' => 8
    ),
    'driver' => 'ldap',
    'params' => array(
        'host' => 'vsldap.isc84.org',
        'port' => 389,
        'basedn' => 'dc=isc84,dc=org',
        'admindn' => 'cn=admin,dc=isc84,dc=org',
        'adminpw' => '<password>',

        // LDAP object key attribute
        'uid' => 'mail',

        // these attributes will enable shadow password policies.
        // 'shadowlastchange' => 'shadowlastchange',
        // 'shadowmin' => 'shadowmin',
        ////'attribute' => 'clearPassword',
        'attribute' => 'userPassword',

        // this will be appended to the username when looking for the userdn.
        'realm' => '',

        // Use this filter when searching for the user's DN.
        'filter' => '(&(objectClass=IscMailAccount)(mailAccountActive=TRUE))',

        // Hash method to use when storing the password
        'encryption' => 'ssha',

        // Whether to enable TLS for this LDAP connection
        // Note: make sure the host matches cn in the server certificate
        'tls' => false
    )
);

I've configured conf.php like this:

$conf['menu']['apps'] = array();
$conf['backend']['backend_list'] = 'hidden';
$conf['user']['change'] = false;
$conf['user']['refused'] = array('root', 'bin', 'daemon', 'adm', 'lp', 
'shutdown', 'halt', 'uucp', 'ftp', 'anonymous', 'nobody', 'httpd', 
'operator', 'guest', 'diginext', 'bind', 'cyrus', 'courier', 'games', 
'kmem', 'mailnull', 'man', 'mysql', 'news', 'postfix', 'sshd', 'tty', 
'www');
$conf['password']['strengthtests'] = false;
$conf['hooks']['full_name'] = true;
$conf['hooks']['default_username'] = false;
$conf['hooks']['username'] = false;
$conf['hooks']['userdn'] = false;

There is no hook. When I try to change the password I get the following:

Warning: ldap_search() [function.ldap-search 
<https://vswebmail.isc84.org/horde3/passwd/function.ldap-search>]: 
Search: Bad search filter in 
/usr/share/horde3/passwd/lib/Driver/ldap.php on line 246

Warning: ldap_first_entry(): supplied argument is not a valid ldap 
result resource in /usr/share/horde3/passwd/lib/Driver/ldap.php on line 247

Warning: Cannot modify header information - headers already sent by 
(output started at /usr/share/horde3/passwd/lib/Driver/ldap.php:246) in 
/etc/horde/passwd3/templates/common-header.inc on line 4

Warning: Cannot modify header information - headers already sent by 
(output started at /usr/share/horde3/passwd/lib/Driver/ldap.php:246) in 
/etc/horde/passwd3/templates/common-header.inc on line 5

*Failure in changing password for Example LDAP Server with Admin 
Bindings : User not found.*

I see nothing in the log (DEBUG). What have I missed, and how can I see the 
userid in the log?

Regards

-- 
Hervé Hénoch
Responsable informatique
Institut Sainte Catherine
1750, chemin du Lavarin, 84000 Avignon
Téléphone : 04.90.27.57.44
Messagerie : h.henoch at isc84.org
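
An added example, not part of the original post and not Horde code: a stand-alone PHP check for the kind of composed search filter that the 'uid' and 'filter' settings above imply, with the login escaped per RFC 4515 and the result tested for malformed parentheses. It assumes the final filter is the attribute match ANDed with the configured filter, which the post does not confirm; the function names and sample logins are hypothetical.

```php
<?php
// Added example, not Horde code. Assumption: the search filter is
// "<uid attribute>=<login>" ANDed with the configured 'filter'.

// Escape a value for use inside an LDAP search filter (RFC 4515).
function escape_filter_value(string $value): string
{
    return strtr($value, ['\\' => '\\5c', '*' => '\\2a', '(' => '\\28',
                          ')' => '\\29', "\0" => '\\00']);
}

// Combine the attribute match with an optional extra filter.
function build_user_filter(string $uidAttr, string $login, string $extra = ''): string
{
    $match = '(' . $uidAttr . '=' . escape_filter_value($login) . ')';
    if ($extra === '') {
        return $match;
    }
    // Wrap a bare "attr=value" so the AND only receives complete items.
    if ($extra[0] !== '(') {
        $extra = '(' . $extra . ')';
    }
    return '(&' . $match . $extra . ')';
}

// Return null if the parentheses are well formed, otherwise the reason.
function filter_problem(string $filter): ?string
{
    if ($filter === '' || $filter[0] !== '(') {
        return 'filter must start with "("';
    }
    $depth = 0;
    $len = strlen($filter);
    for ($i = 0; $i < $len; $i++) {
        $c = $filter[$i];
        if ($c === '\\') { $i += 2; continue; }   // skip a \XX escape
        if ($c === '(') {
            $next = $filter[$i + 1] ?? '';
            if ($next === '(' || $next === ')') return "empty or doubled '(' at offset $i";
            $depth++;
        } elseif ($c === ')') {
            $depth--;
            if ($depth === 0 && $i < $len - 1) return "text after the filter closes at offset $i";
        }
    }
    return $depth === 0 ? null : "$depth unclosed '('";
}

// Attribute and filter as in backends.php above; the logins are constructed samples.
$extra = '(&(objectClass=IscMailAccount)(mailAccountActive=TRUE))';
foreach (['user@example.org', 'j.doe(test)*'] as $login) {
    $f = build_user_filter('mail', $login, $extra);
    echo $f, ' => ', filter_problem($f) ?? 'ok', PHP_EOL;
}
// A filter that has been wrapped in parentheses twice is malformed.
$twice = '(' . $extra . ')';
echo $twice, ' => ', filter_problem($twice) ?? 'ok', PHP_EOL;
```

Printing the composed filter next to the verdict also answers the logging question in a test setup: it shows the exact string and login that would be handed to ldap_search().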
