Summary | ldap driver Vs MSAD |
Queue | Horde Framework Packages |
Queue Version | HEAD |
Type | Enhancement |
State | Resolved |
Priority | 1. Low |
Owners | chuck (at) horde (dot) org |
Requester | fhelly (at) bebop-design (dot) net |
Created | 04/14/2006 (6996 days ago) |
Due | |
Updated | 08/01/2007 (6522 days ago) |
Assigned | 10/13/2006 (6814 days ago) |
Resolved | 07/31/2007 (6523 days ago) |
Milestone | |
Patch | Yes |
the Horde Project? Thanks!
msad driver? This module is a sub-class of code that he wrote. Did
he work on this too?
the Horde Project? Thanks!
State ⇒ Resolved
Assigned to Chuck Hagenbuch
experimental extension; once it has some more testing or you have time
to come back to it we can add the appropriate conf.xml entries. Alright?
Thanks!
Version ⇒ HEAD
Queue ⇒ Horde Framework Packages
State ⇒ Accepted
need to be made to the passwd code? Or should this be strictly a
framework ticket?
september or october (2007). I can't perform any further tests until
this period. The code I sent is used by two frameworks I configured
for my clients.
So, at this stage, I think this ticket is strictly a framework one.
Taken from
State ⇒ Feedback
to be made to the passwd code? Or should this be strictly a framework
ticket?
State ⇒ Assigned
New Attachment: msad.php
- I tested addUser but I had some problems with AD account activation,
if someone could resolve it;
- I run authentication with multiple alias for uid : array('initials',
'email', 'samaccountname') and works fine against a 2003 server;
- I test removeUser and worked fine (with a bind user);
- I test listUser, the problem is always to configure the appropriate filter.
So maybe we can change a bit the configuration parameters (conf.xml) for :
configure an array used to create the filter for user list and
configure an array used to generate the path to the user's account in
the AD schema...
For some fonctionnalities such as resetPassword, maybe the right way
is to use the authenticated user to bind against the server not an
admin user ...
(see password)
State ⇒ Feedback
Priority ⇒ 1. Low
if we want to initialize users and passwords through ldap binding.
Last year I wrote an extension of the Auth_ldap class called
Auth_msad because I didn't want to have to configure a hook for
authentication (it was against H 3.0): maybe the way is to separate
AD specifics from non-AD servers in Password application and in Auth
class? The way AD stores dates and manages expiration date of
password seems to be really specific too.
we want to initialize users and passwords through ldap binding.
Last year I wrote an extension of the Auth_ldap class called Auth_msad
because I didn't want to have to configure a hook for authentication
(it was against H 3.0): maybe the way is to separate AD specifics from
non-AD servers in Password application and in Auth class? The way AD
stores dates and manages expiration date of password seems to be
really specific too.
State ⇒ Feedback
anyone verify that ldap_get_values_len() works properly with non-AD
servers?
Priority ⇒ 2. Medium
State ⇒ Unconfirmed
Queue ⇒ Passwd
Type ⇒ Bug
Summary ⇒ ldap driver Vs MSAD
Active Directory.
When checking password,
use ldap_get_values_len() instead of ldap_get_values()
in passwd/lib/Driver/ldap.php line 136.