[sork] Sork passwd with LDAP

Jan Schneider jan at horde.org
Fri Sep 4 09:41:04 UTC 2009 

Zitat von Hervé Hénoch <h.henoch at isc84.org>:

> Helo,
>
> I have a problem for setting passwd module. I have a LDAP server for  
> authentication which is running fine.
>
> I want to use the same server to change password with a admin  
> account so i'va used ldapadmin in etc/horde/passwd3/backends.php :
>
> $backends['ldapadmin'] = array(
>    'name' => 'Example LDAP Server with Admin Bindings ',
>    'preferred' => 'vsldap.isc84.org',
>    'password policy' => array(
>        'minLength' => 3,
>        'maxLength' => 8
>    ),
>    'driver' => 'ldap',
>    'params' => array(
>        'host' => 'vsldap.isc84.org',
>        'port' => 389,
>        'basedn' => 'dc=isc84,dc=org',
>        'admindn' => 'cn=admin,dc=isc84,dc=org',
>        'adminpw' => '<password>',
>
>        // LDAP object key attribute
>        'uid' => 'mail',
>
>        // these attributes will enable shadow password policies.
>        // 'shadowlastchange' => 'shadowlastchange',
>        // 'shadowmin' => 'shadowmin',
>        ////'attribute' => 'clearPassword',
>        'attribute' => 'userPassword',
>
>        // this will be appended to the username when looking for the userdn.
>        'realm' => '',
>
>        // Use this filter when searching for the user's DN.
>        'filter' => '(&(objectClass=IscMailAccount)(mailAccountActive=TRUE))',
>
>        // Hash method to use when storing the password
>        'encryption' => 'ssha',
>
>        // Whether to enable TLS for this LDAP connection
>        // Note: make sure the host matches cn in the server certificate
>        'tls' => false
>    )
> );
>
> I've configured conf.php like this :
>
> $conf['menu']['apps'] = array();
> $conf['backend']['backend_list'] = 'hidden';
> $conf['user']['change'] = false;
> $conf['user']['refused'] = array('root', 'bin', 'daemon', 'adm',  
> 'lp', 'shutdown', 'halt', 'uucp', 'ftp', 'anonymous', 'nobody',  
> 'httpd', 'operator', 'guest', 'diginext', 'bind', 'cyrus',  
> 'courier', 'games', 'kmem', 'mailnull', 'man', 'mysql', 'news',  
> 'postfix', 'sshd', 'tty', 'www');
> $conf['password']['strengthtests'] = false;
> $conf['hooks']['full_name'] = true;
> $conf['hooks']['default_username'] = false;
> $conf['hooks']['username'] = false;
> $conf['hooks']['userdn'] = false;
>
> There is no hook. When I try to change password I've the following :
>
> Warning: ldap_search() [function.ldap-search  
> <https://vswebmail.isc84.org/horde3/passwd/function.ldap-search>]:  
> Search: Bad search filter in  
> /usr/share/horde3/passwd/lib/Driver/ldap.php on line 246

Just a wild guess, but try the filter without the surrounding parentheses.

Jan.

-- 
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/

More information about the sork mailing list