I'll look at the patch when I have a moment. Thanks.

After doing a fresh install on my test server, the solution in cvs is 
working. I don't know what was broken, so I think the ticket can get 
closed as solved.



If you like, you can nevertheless have a look at my proposed change. I 
believe it decreases the roundtrips to the LDAP server because during 
the first step (connect) the attribute/value pair is stored and 
re-used in subsequent requests, so that the iteration through the 
array isn't needed for the other steps.

Here is an updated patch. There is still one TODO, the hardcoded 
'mail' (preferred lookup filed in LDAP) should be replaced by the 
first item in the array of the lookup fields. I'm lacking a bit of PHP 
skills here. I've tested the patch and it's working while the original 
changes alone don't work on my system and seem to be inefficient too.

Find a better (and working) solution in the attached file. Please 
note, I don't have PHP skills, so some optimization and roundup might 
be necessary. Feel free to change the code and remove my additional 
debug statements.

Hi, applying the change lets me loose all options I've set for a user 
(default identity, language settings, etc.). To get the settings 
working again, one can change the array in kolab.php back to



$params['uid'] = array('mail');



I wonder a little bit about the approach to the problem. Wouldn't it 
help to do the first LDAP lookup based on the data in the array to 
retrieve the primary mail address and operate on that one in all 
subsequent lookups?

Anyway, the current state of the sources isn't really an improvement.

Forgot to mention: the patch 
<http://cvs.horde.org/diff.php/framework/Prefs/Prefs/kolab.php?r1=1.2&r2=1.3&ty=u> is also needed in order for the Kolab prefs driver to actually make use of the new 
functionality.

I've committed a patch that should fix this: 
<http://cvs.horde.org/diff.php/framework/Prefs/Prefs/ldap.php?r1=1.86&r2=1.87&ty=u>



One minor problem I've noticed is the "Last login:" notice on the 
portal page is not consistent between two logins using email and uid 
fields (it ends up being "Never" for one of the logins).

After some debugging it turned out that I can use my login name as 
well as my e-mail address to authenticate in the Horde frontend.

The ldap search is done via mail=<used login>, but this of course 
cannot work when I used my uid to log into Horde. The query would have 
to be uid=<used login> and that's not supported currently.

Using my e-mail address when logging into Horde results in proper LDAP 
lookups.

The problem behind the errors is IMO that Horde tries to find instances of

class hordePerson using uid=<login> which will return an inetOrgPerson

instance in the Kolab LDAP tree.



If you manipulate Prefs/ldap.php, you can avoid those lines. Just comment

out the section below the comment /* Send the hash to the LDAP server. */

in Prefs_ldap.store() and let the "if ($search)" some lines above evaluate

to false.