Page MenuHomePhorge
Files F1890

kolab_auth.inc.php
vanmeeuwen (Jeroen van Meeuwen)
Actions

Authored By
vanmeeuwen
Apr 29 2015, 10:49 AM
Size
3 KB
Referenced Files
None
Subscribers
bruederli

kolab_auth.inc.php
View Options

<?php
// The id of the LDAP address book (which refers to the rcmail_config['ldap_public'])
// or complete addressbook definition array.
$config['kolab_auth_addressbook'] = Array(
'name' => 'Kolab Auth',
'hosts' => Array('localhost'),
'port' => 389,
'use_tls' => false,
'user_specific' => false,
'base_dn' => 'ou=People,%dc',
'bind_dn' => 'uid=kolab-service,ou=Special Users,dc=kolabsys,dc=net',
'bind_pass' => 'Welcome2KolabSystems',
'writable' => false,
'ldap_version' => 3, // using LDAPv3
'fieldmap' => Array(
'name' => 'displayname',
'email' => 'mail',
'email:alias' => 'alias',
'role' => 'nsroledn',
),
'sort' => 'displayname',
'scope' => 'sub',
'filter' => '(objectClass=*)',
'fuzzy_search' => true,
'sizelimit' => '0',
'timelimit' => '0',
'groups' => Array(
'base_dn' => 'ou=Groups,dc=kolabsys,dc=net',
'filter' => '(|(objectclass=groupofuniquenames)(objectclass=groupofurls))',
'object_classes' => Array('top', 'groupOfUniqueNames'),
'member_attr' => 'uniqueMember',
),
'config_root_dn' => "cn=config",
'domain_base_dn' => "ou=Domains,dc=kolabsys,dc=net",
'domain_filter' => "(&(objectclass=domainrelatedobject)(associateddomain=%s))"
);
// This will overwrite defined filter
$config['kolab_auth_filter'] = '(&' . '(objectclass=inetorgperson)' . '(|(uid=%u)(mail=%fu)(alias=%fu)))';
// Use this fields (from fieldmap configuration) to get authentication ID
$config['kolab_auth_login'] = 'email';
// Use this fields (from fieldmap configuration) for default identity
$config['kolab_auth_name'] = 'name';
$config['kolab_auth_alias'] = 'alias';
$config['kolab_auth_email'] = 'email';
if (preg_match('/\/helpdesk-login\//', $_SERVER["REQUEST_URI"]) ) {
// Login and password of the admin user. Enables "Login As" feature.
$config['kolab_auth_admin_login'] = 'cyrus-admin';
$config['kolab_auth_admin_password'] = 'Welcome2KolabSystems';
$config['kolab_auth_auditlog'] = true;
}
// Administrative role field (from fieldmap configuration) which must be filled with
// specified value which adds privilege to login as another user.
$config['kolab_auth_role'] = 'role';
$config['kolab_auth_role_value'] = 'cn=kolab-admin,dc=kolabsys,dc=net';
// Administrative group name to which user must be assigned to
// which adds privilege to login as another user.
$config['kolab_auth_group'] = 'Kolab Helpdesk';
if (file_exists(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] . '/' . basename(__FILE__))) {
include_once(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] . '/' . basename(__FILE__));
}
?>

File Metadata

Mime Type
text/x-php
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
1856
Default Alt Text
kolab_auth.inc.php (3 KB)

Event Timeline

bruederli subscribed.Apr 29 2015, 11:59 AM

One note on this example though: according to the current code in rcube_ldap, the %x placeholders are only resolved if user_specific is set to true.

vanmeeuwen added a comment.Apr 29 2015, 1:32 PM

kolab_auth uses only rcube_ldap_generic.

bruederli added a comment.Apr 29 2015, 1:39 PM

Oh, then whatever magic we add to rcube_ldap as of T35 needs to added to kolab_auth_ldap::parse_vars() as well...