[prev in list] [next in list] [prev in thread] [next in thread]
List: horde
Subject: Re: [horde] Problems changing passwords
From: Jan Schneider <jan () horde ! org>
Date: 2016-01-21 13:42:11
Message-ID: 20160121144211.Horde.sQPKN4k-BocEQFpth3KvefF () neo ! wg ! de
[Download RAW message or body]
Zitat von Ralph Ballier <ballier@mail.schule.de>:
> Zitat von Jan Schneider <jan@horde.org>:
>
>> Zitat von Ralph Ballier <ballier@mail.schule.de>:
>>
>>> Hello,
>>>
>>> we use LDAP for authentication. BaseDN is
>>> ou=davinci,ou=people,dc=school,dc=de, search is sub.
>>>
>>> DN of user alice is: uid=alice,ou=davinci,ou=people,dc=school,dc=de
>>>
>>> DN of user bob is:
>>> uid=bob,ou=others,ou=davinci,ou=people,dc=school,dc=de
>>>
>>> Authentication of alice and bob are no problem.
>>>
>>> Now alice and bob try to change here password.
>>>
>>> alice: no problem
>>>
>>> bob: It don't work (invalid credentials)
>>>
>>> You see in the logfile, that slapd try to bind with
>>> uid=bob,ou=davinci,ou=people,dc=school,dc=de , but this DN don't
>>> exists.
>>
>> Then where did it get the DN from?
>>
>> --
>> Jan Schneider
>> The Horde Project
>> http://www.horde.org/
>>
>
> I mean, it is not a problem to find the user DN, if you make a search with
> "sub" and then bind to the correct DN.
>
> But if you write to this DN (perhaps for changing the password), slapd must
> take the same DN, which he has found before. But I suppose, it takes the
> baseDN, which is found in horde/passwd/config/backends.local.php ('basedn'
> => 'ou=davinci,ou=people,dc=school,dc=de').
Correct, this is the fall back if any other way to determine the DN
fails. These options are tried in the specified order:
1) 'userdn' parameter in backends[.local].php
2) userdn() hook in hooks.php
3) user + base dn
So what you probably want is a userdn() hook.
--
Jan Schneider
The Horde Project
http://www.horde.org/
--
Horde mailing list
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: horde-unsubscribe@lists.horde.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic