[#6155] Provides non-anonymous LDAP bind for DN searching
| Summary | Provides non-anonymous LDAP bind for DN searching |
| Queue | Vacation |
| Queue Version | 3.0.1 |
| Type | Enhancement |
| State | Assigned |
| Priority | 2. Medium |
| Owners | Jan Schneider <jan (at) horde (dot) org> |
| Requester | stephens (at) ameslab (dot) gov |
| Created | 01/26/2008 (106 days ago) |
| Due | |
| Updated | 01/31/2008 (101 days ago) |
| Assigned | 01/31/2008 (101 days ago) |
| Resolved | |
| Attachments | vacation-3.0.1-no-anon-search.patch.txt  |
| Milestone | |
| Patch |
Assigned to Jan Schneider
New Attachment: vacation-3.0.1-no-anon-search.patch.txt
Queue ⇒ Vacation
Summary ⇒ Provides non-anonymous LDAP bind for DN searching
Type ⇒ Enhancement
Priority ⇒ 2. Medium
State ⇒ New
Our security policy on the LDAP directory we use for email does not permit
anonymous binds. This conflicts with apparent assumptions in the SORK
Vacation LDAP driver
Attached is a tested and relatively straightforward patch for the SORK module
vacation-h3-3.0.1 that provides the following features:
* A non-anonymous bind for searching a user DN in the _lookupdn() method,
while at the same performing the LDAP attribute changes while bound as
the currently logged-in user's DN.
* A boolean module configuration variable to control activation of this DN
search mode. Setting this variable value to FALSE was tested to correctly
revert to the unpatched logic for the binddn setting.
* Debugging output now shows what DN, if any, was used to bind with to
perform the search in _lookupdn().
After this patch is applied, it is necessary to regenerate a new conf.php
module configuration file.