On 11/21/2014 06:42 PM, Matt . wrote:
Hi Dimitri,
All I can say about that is that it's configured and uses ldap this
this added to ldap:
[root@kolab roundcubemail]# ldapsearch -x -h localhost -D
"cn=Directory Manager" -w Welcome2KolabSystems -b "cn=kolab,cn=config"
# extended LDIF
#
# LDAPv3
# base <cn=kolab,cn=config> with scope subtree
# filter: (objectclass=*)
# requesting: ALL
#
# kolab, config
dn: cn=kolab,cn=config
objectClass: top
objectClass: extensibleobject
cn: kolab
# example.org, kolab, config
dn: associateddomain=example.org,cn=kolab,cn=config
objectClass: top
objectClass: domainrelatedobject
objectClass: inetdomain
associatedDomain: example.org
associatedDomain: dc=internal,dc=local
inetDomainBaseDN: dc=internal,dc=local
# search result
search: 2
result: 0 Success
# numResponses: 3
# numEntries: 2
kolab_auth.inc.php
<?php
// The id of the LDAP address book (which refers to the
rcmail_config['ldap_public'])
// or complete addressbook definition array.
$config['kolab_auth_addressbook'] = Array(
'name' => 'Kolab Auth',
'hosts' => Array('172.16.xx.xx'),
'port' => 389,
'use_tls' => false,
'user_specific' => false,
'base_dn' =>
'cn=accounts,dc=domain,dc=local',
'bind_dn' =>
'uid=admin,cn=users,cn=accounts,dc=domain,dc=local',
'bind_pass' => 'xxxxxx',
'writable' => false,
'ldap_version' => 3, // using LDAPv3
'fieldmap' => Array(
'name' => 'displayname',
'email' => 'mail',
Here you can use uid instead of mail.
Then user will be able to login into Kolab with a simple name instead of
the
longer mail.
Then you would be able to put [email protected] into the mail attribute.
It seems that Kolab assumes that mail is a single valued attribute in the
directory while in general it is not the case.
So the best would be to use come other attribute for login.
HTH.
'email:alias' => 'alias',
'role' => 'nsroledn',
),
'sort' => 'displayname',
'scope' => 'sub',
'filter' => '(objectClass=*)',
'fuzzy_search' => true,
'sizelimit' => '0',
'timelimit' => '0',
'groups' => Array(
'base_dn' => 'cn=groups,dc=domain,dc=local',
'filter' =>
'(|(objectclass=groupofuniquenames)(objectclass=groupofurls))',
'object_classes' => Array('top',
'groupOfUniqueNames'),
'member_attr' => 'uniqueMember',
),
);
// This will overwrite defined filter
$config['kolab_auth_filter'] = '(&' . '(objectclass=inetuser)' .
'(|(uid=%u)(mail=%fu)(alias=%fu)))';
// Use this fields (from fieldmap configuration) to get
authentication ID
$config['kolab_auth_login'] = 'email';
// Use this fields (from fieldmap configuration) for default
identity
$config['kolab_auth_name'] = 'name';
$config['kolab_auth_alias'] = 'alias';
$config['kolab_auth_email'] = 'email';
if (preg_match('/\/helpdesk-login\//', $_SERVER["REQUEST_URI"]) )
{
// Login and password of the admin user. Enables "Login As"
feature.
$config['kolab_auth_admin_login'] = 'admin';
$config['kolab_auth_admin_password'] = 'xxxxxx';
$config['kolab_auth_auditlog'] = true;
}
// Administrative role field (from fieldmap configuration) which
must be filled with
// specified value which adds privilege to login as another user.
$config['kolab_auth_role'] = 'role';
$config['kolab_auth_role_value'] =
'cn=kolab-admin,dc=domain,dc=local';
// Administrative group name to which user must be assigned to
// which adds privilege to login as another user.
$config['kolab_auth_group'] = 'Kolab Helpdesk';
if (file_exists(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] .
'/' . basename(__FILE__))) {
include_once(RCUBE_CONFIG_DIR . '/' . $_SERVER["HTTP_HOST"] .
'/' . basename(__FILE__));
}
?>
Does this help you some ?
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
