Zitat von [email protected]:
Zitat von [email protected]:
>
> Hello Folks!
>
> How do I limit user list based on a the ldap group of the administrator
> logged in (all is posix users and groups + shadow account) ?
>
> In my case ldap group is same as the logged in users mail domain.
> I have been looking around in the code, admin/user.php uses
$users =
> $auth->listUsers(); for listing users.
>
> Or.. maby Horde was not designed for more advanced user administration
> tasks..
No, it's not indeed. You can try to work around this by adding some
PHP code to horde/config/conf.php. You can change the filters in the
auth configuration dynamically, based on the current user. If your
user names are full DNs, you can simply extract the group from
Auth::getAuth(). Otherwise you'd have to do a separate LDAP lookup.
I tried to add some PHP code in horde/config/conf.php which set $conf
['auth']['params']['filter'] so it sorts our users by group fails with
Auth::getAuth(), It seems like conf.php is read in before I have the user
logged in, only I could get hold of logged in user at this stage it would
work, Faking a user by setting it static in conf.php additional code makes
it work for that user.
Then trying use set _horde_hook_preauthenticate almost works, now
Auth::getAuth()is populated correctly and $GLOBALS
['conf']['auth']['params']['filter'] is also set, BUT the value seems to
get lost, because if I print it out in the lib/Horde/Auth/ldap.php
listUsers() function (echo 'filter ' . $filter;) the old filter value get
back again.
I got the feeling that it is something with GLOBALS preventing me to set a
proper value to filter, how do I confinue ?
The configuration is cached in the session. Try a:
$GLOBALS['registry']->clearCache();
before changing the configuration parameter.
Jan.
--
Do you need professional PHP or Horde consulting?
http://horde.org/consulting/
--
IMP mailing list - Join the hunt: http://horde.org/bounties/#imp
Frequently Asked Questions: http://horde.org/faq/
To unsubscribe, mail: [email protected]
