Update: Kolab/Horde - problem with ext. LDAP & IMAP

Gunnar Wrobel wrobel at pardus.de
Thu Feb 21 09:12:05 CET 2008


Andre Mathibe <andre.mathibe at mortgage-services.de> writes:

> Hi Gunnar
> Am Mittwoch, 20. Februar 2008 schrieb Gunnar Wrobel:
>> I wouldn't expect this to work. If you go into the Auth class and
>> modify it so that you can use the UID I believe you will break Horde
>> in many places. I did not analyze the situation in detail but I
>> believe when Horde accesses the Kolab IMAP server a lot of the
>> procedures are dependent on knowing the users mail address.
>>
>> Maybe there are workarounds to some parts and you could probably even
>> recode it so that Horde internally uses the UID and always calls back
>> on LDAP to get the mail address if required. But somehow I don't think
>> this makes much sense or would be worth the effort.
>>
>> The current solution allows UID login by simply rewriting the UID to
>> the mail address on the login and thus getting the primary identifier
>> early on. On a standard Kolab server this works just fine.
>>
>> Maybe you can describe in more detail why you need it to work with the
>> UID?
>>
> .... because i have a fully functional 50User infrastructure (completely 
> everywhere with LINUX/BSD) with an OpenLDAP as a central authentication 
> backend.
> It works perfectly since a few years,... we use Kontact, calender is stored in 
> dimap, shared emailfolders, many addressbooks (stored in LDAP) etc. Our 
> applications (mostly webbased) are using LDAP as backend.
> So the user only have to know (and change) one(!) password to login to 
> different apps wherever a login is needed.
> KOLAB/Horde would fit perfectly in our envoirement (with any necessary small 
> adjustments,... i thought....) because it uses the same products out of the 
> box as we always here have,......
> Now,.... i have to attach some branch offices to our infratructure with 
> Windowsclients, Outlook-possesd users and the requirement to access all 
> functions via webclient,.....  KOLAB/HORDE/Toltec-Conn. is IMHO the only key 
> for success.....

Okay, sounds reasonable. But it did not explain why you need Horde to
log in via UID to IMAP? Your users should be perfectly fine to log in
to Horde via UID. It just gets rewritten to the mail address
internally. So the users have no additional burden.

>
> btw,.... back to my auth-problem,....when i´ve logged in to HORDE and i open 
> in the Webmail-Tree in the left navbar, a login screen appears. Logging in 
> with the normal credentials (uid) a second time, the whole IMAP access is 
> present through HORDE. That is confusing, so HORDE is authenticating to IMAP 
> with the users uid and not with the eMail-address.
>
> .... any help and idea in any way would be appreciated,... 

This is definitely not the standard behaviour. Horde can of course
authenticate to the IMAP with the UID I just assume that it breaks the
other apps in many places if you do so.

Cheers,

Gunnar

>
> -- 
> Andre Mathibe
> -----------------get my public Key-------------------------------
> http://keyserver.veridis.com:11371/export?id=-8646218058318079175
> -----------------------------------------------------------------
> "If Microsoft is the solution, I want my problem back." -- Unknown
>
> "The only reason for time is so that everything doesn't happen at once." -- 
> Albert Einstein
> _______________________________________________
> Kolab-users mailing list
> Kolab-users at kolab.org
> https://kolab.org/mailman/listinfo/kolab-users

-- 
______ http://kdab.com _______________ http://kolab-konsortium.com _

p at rdus Kolab work is funded in part by KDAB and the Kolab Konsortium

____ http://www.pardus.de _________________ http://gunnarwrobel.de _
E-mail : p at rdus.de                                 Dr. Gunnar Wrobel
Tel.   : +49 700 6245 0000                          Bundesstrasse 29
Fax    : +49 721 1513 52322                          D-20146 Hamburg
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
   >> Mail at ease - Rent a kolab groupware server at p at rdus <<                 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




More information about the users mailing list