HI Dimitri, Thanks, but it seems following the kolab devs that if kolab cannot determine the base dn, the other two do not matter.
So what would you change exactly ? There might be need changed more. I hope we can get this fixed ! Thanks, Matt 2014-11-22 0:51 GMT+01:00 Dmitri Pal <d...@redhat.com>: > On 11/21/2014 06:42 PM, Matt . wrote: >> >> Hi Dimitri, >> >> All I can say about that is that it's configured and uses ldap this >> this added to ldap: >> >> [root@kolab roundcubemail]# ldapsearch -x -h localhost -D >> "cn=Directory Manager" -w Welcome2KolabSystems -b "cn=kolab,cn=config" >> # extended LDIF >> # >> # LDAPv3 >> # base <cn=kolab,cn=config> with scope subtree >> # filter: (objectclass=*) >> # requesting: ALL >> # >> >> # kolab, config >> dn: cn=kolab,cn=config >> objectClass: top >> objectClass: extensibleobject >> cn: kolab >> >> # example.org, kolab, config >> dn: associateddomain=example.org,cn=kolab,cn=config >> objectClass: top >> objectClass: domainrelatedobject >> objectClass: inetdomain >> associatedDomain: example.org >> associatedDomain: dc=internal,dc=local >> inetDomainBaseDN: dc=internal,dc=local >> >> # search result >> search: 2 >> result: 0 Success >> >> # numResponses: 3 >> # numEntries: 2 >> >> >> kolab_auth.inc.php >> >> <?php >> >> // The id of the LDAP address book (which refers to the >> rcmail_config['ldap_public']) >> // or complete addressbook definition array. >> $config['kolab_auth_addressbook'] = Array( >> 'name' => 'Kolab Auth', >> 'hosts' => Array('172.16.xx.xx'), >> 'port' => 389, >> 'use_tls' => false, >> 'user_specific' => false, >> 'base_dn' => 'cn=accounts,dc=domain,dc=local', >> 'bind_dn' => >> 'uid=admin,cn=users,cn=accounts,dc=domain,dc=local', >> 'bind_pass' => 'xxxxxx', >> 'writable' => false, >> 'ldap_version' => 3, // using LDAPv3 >> 'fieldmap' => Array( >> 'name' => 'displayname', >> 'email' => 'mail', > > > Here you can use uid instead of mail. > Then user will be able to login into Kolab with a simple name instead of the > longer mail. > Then you would be able to put n...@domain.tld into the mail attribute. > > It seems that Kolab assumes that mail is a single valued attribute in the > directory while in general it is not the case. > So the best would be to use come other attribute for login. > > HTH. > >> 'email:alias' => 'alias', >> 'role' => 'nsroledn', >> ), >> 'sort' => 'displayname', >> 'scope' => 'sub', >> 'filter' => '(objectClass=*)', >> 'fuzzy_search' => true, >> 'sizelimit' => '0', >> 'timelimit' => '0', >> 'groups' => Array( >> 'base_dn' => 'cn=groups,dc=domain,dc=local', >> 'filter' => >> '(|(objectclass=groupofuniquenames)(objectclass=groupofurls))', >> 'object_classes' => Array('top', >> 'groupOfUniqueNames'), >> 'member_attr' => 'uniqueMember', >> ), >> ); >> >> >> // This will overwrite defined filter >> $config['kolab_auth_filter'] = '(&' . '(objectclass=inetuser)' . >> '(|(uid=%u)(mail=%fu)(alias=%fu)))'; >> >> // Use this fields (from fieldmap configuration) to get >> authentication ID >> $config['kolab_auth_login'] = 'email'; >> >> // Use this fields (from fieldmap configuration) for default identity >> $config['kolab_auth_name'] = 'name'; >> $config['kolab_auth_alias'] = 'alias'; >> $config['kolab_auth_email'] = 'email'; >> >> if (preg_match('/\/helpdesk-login\//', $_SERVER["REQUEST_URI"]) ) { >> >> // Login and password of the admin user. Enables "Login As" >> feature. >> $config['kolab_auth_admin_login'] = 'admin'; >> $config['kolab_auth_admin_password'] = 'xxxxxx'; >> >> $config['kolab_auth_auditlog'] = true; >> } >> >> // Administrative role field (from fieldmap configuration) which >> must be filled with >> // specified value which adds privilege to login as another user. >> $config['kolab_auth_role'] = 'role'; >> $config['kolab_auth_role_value'] = >> 'cn=kolab-admin,dc=domain,dc=local'; >> >> // Administrative group name to which user must be assigned to >> // which adds privilege to login as another user. >> $config['kolab_auth_group'] = 'Kolab Helpdesk'; >> >> if (file_exists(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] . >> '/' . basename(__FILE__))) { >> include_once(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] . >> '/' . basename(__FILE__)); >> } >> >> ?> >> >> Does this help you some ? > > > > -- > Thank you, > Dmitri Pal > > Sr. Engineering Manager IdM portfolio > Red Hat, Inc. > -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project