Summary | LDAP Preferences - Wrong bind DN |
Queue | Horde Framework Packages |
Type | Enhancement |
State | Resolved |
Priority | 2. Medium |
Owners | |
Requester | heinz (at) htl-steyr (dot) ac (dot) at |
Created | 04/13/2005 (7401 days ago) |
Due | |
Updated | 06/01/2005 (7352 days ago) |
Assigned | |
Resolved | 06/01/2005 (7352 days ago) |
Milestone | |
Patch | No |
State ⇒ Resolved
in Horde 3.1. Thanks!
New Attachment: lib-horde-prefs-ldap.php.diff
New Attachment: config-conf.xml.diff
Horde's Prefs ldap driver requires either
A) a root DN and password to search for and modify a user's prefs
fields, or
B) a simple-to-concatenate user DN formula (such as
$conf['prefs']['params']['uid'] + a $base_dn)
A) is a problem because root binds to an LDAP server are neither
necessary nor desired to do most any user-level write operations.
B) is a problem because my (like the original poster's) person schema
does not conform to such a simplistic formula. DNs look like this:
ueid=84kjasd99,ou=8,ou=people,dc=enc,dc=edu
The solution is to make the Prefs ldap driver behave like most LDAP apps
that need to do write operations: do an anonymous bind, search for the
entry to modify using a filter, then rebind as the DN of that entry and
do the write.
This is a config issue, and Horde admins should be aware of the
option. To this end, I added an option under LDAP-config Preferences
in conf.xml.
State ⇒ New
Priority ⇒ 2. Medium
Type ⇒ Enhancement
Summary ⇒ LDAP Preferences - Wrong bind DN
Queue ⇒ Horde Framework Packages
New Attachment: ldap.php.diff
The users in the LDAP-tree are organized hierarchically in different
organizational units.
When binding to the LDAP-server we have to determine the user's full DN.
In the current code (/horde/lib/Horde/Prefs/ldap.php v1.85.10.4) the
bind DN is hardcoded like this:
    $bind_dn = sprintf('%s=%s,%s', $this->_params['uid'][0],
                       $this->_params['username'],
                       $this->_params['basedn']);
In our opinion it would be more advantageous to use the code attached,
to avoid this hardcoding.
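
The search-then-rebind flow described in the follow-up comment (anonymous bind, filtered search, rebind as the found DN), as an added PHP example that is not taken from the attached patches or from Horde's code. The function name and parameters are hypothetical, and it assumes the directory permits anonymous search under the base DN and that the caller has already connected over a protected channel.

```php
<?php
// Added example, not Horde code; names are hypothetical. $ldap is a handle
// from ldap_connect() with LDAP_OPT_PROTOCOL_VERSION already set to 3.
// Returns the bound DN on success, null on any failure.
function prefs_search_then_bind($ldap, string $baseDn, string $uidAttr,
                                string $username, string $password): ?string
{
    // A DN with an empty password is an "unauthenticated bind" (RFC 4513,
    // section 5.1.2); some servers accept it as anonymous, so reject it here.
    if ($username === '' || $password === '') {
        return null;
    }

    // Step 1: anonymous bind, used only to look the entry up.
    if (!@ldap_bind($ldap)) {
        return null;
    }

    // Step 2: locate the entry with a filter. $uidAttr comes from trusted
    // configuration; the user-supplied value is escaped for filter context
    // so that * ( ) \ and NUL cannot change the filter's meaning.
    $filter = sprintf('(%s=%s)', $uidAttr,
                      ldap_escape($username, '', LDAP_ESCAPE_FILTER));
    // Request no attributes ('1.1') and at most two entries: only the DN
    // and the uniqueness of the match matter.
    $result = @ldap_search($ldap, $baseDn, $filter, ['1.1'], 0, 2);
    if ($result === false || ldap_count_entries($ldap, $result) !== 1) {
        return null; // no match or an ambiguous one: refuse to guess
    }
    $dn = ldap_get_dn($ldap, ldap_first_entry($ldap, $result));
    if ($dn === false) {
        return null;
    }

    // Step 3: rebind as the entry itself, so the following preference
    // writes run with that user's rights rather than a root DN's.
    if (!@ldap_bind($ldap, $dn, $password)) {
        return null;
    }
    return $dn;
}
```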