Last Modified 2009-01-08 by Guest

Using LDAP to store Horde/IMP Preferences

Written by Lacroix Francois (lacroix.francois [at] gmail [dot] com)

This document is intended to help administrators set up a LDAP to store Horde and IMP prefs.

1- Installing schema

Copy the horde/scripts/ldap/horde.schema to /etc/ldap/schema/
Restart your ldap server.

2- Horde Setup

Storing Horde preferences in the LDAP directory adds a large number of attribute entries to every user DN. If this is something you do not want, you should look into using some other preference backend.

To use LDAP to store Horde preferences, set the preference system to use LDAP as its backend. The field values here are very simular to the Horde configuration.

* The hostname of the LDAP server - This is the address of your LDAP server. If you have a master and one or more slave LDAP servers, you can provide failover here by entering all of your LDAP servers separated by a space. For ldaps, use ldaps://<hostname> in this field.
* The port of the LDAP server - This is the port that your LDAP server is listening on. Most commonly, this will be 389.
* LDAP Protocol Version - This should almost always be LDAPv3.
* The base DN for the LDAP server - This is the subtree that horde will search through to find user preference information.
* The DN of the root (administrative) account to bind for write operations - This is not actually asking for the LDAP root account, this is just the DN that horde uses to bind to the LDAP directory. This account should have write priveleges to the preference fields, as shown below.
* The password of the root DN for bind authentication - The password associated with the binding account.
* The username search key - This is the field that stores the username.

3- Configuring horde

Horde config/prefs.php

Set pref hooks to true.
* hook: Call a hook function for the value of this preference
* true: Will call the function _prefs_hook_<prefname>
* to fill in the value of this preference.
* See hooks.php for more details.
* false: Normal behaviour - no hook is called.

// user full name for From: line
// If you lock this preference, you must specify a value or a hook for it in
// horde/config/hooks.php.
$_prefs['fullname'] = array(
    'value' => '',
    'hook' => true,
    'locked' => false,
    'shared' => true,
    'type' => 'text',
    'desc' => _("Your full name:")

// user preferred email address for From: line
// If you lock this preference, you must specify a value or a hook for it in
// horde/config/hooks.php.
$_prefs['from_addr'] = array(
    'value' => '',
    'hook' => true,
    'locked' => false,
    'shared' => true,
    'type' => 'text',
    'desc' =>  _("Your From: address:")

Horde config/hooks.php

* NOTE 1: Having a hook function in this file does NOT mean that the hook
* will automatically be used. YOU MUST enable the hook. For preferences, set
* 'hook' => true in that preferences attributes; for other hooks, there will
* be a configuration option in each application's conf.php file such as
* $conf['hooks']['hookname'] which must be set to true.
* NOTE 2: Preferences hooks are ONLY executed on login. Preferences are
* cached during a users session and, to avoid unnecessary overhead every time
* a preference is accessed, the results of hooks are cached as well. This
* leads to ...
* NOTE 3: Any preference that is NOT LOCKED, that is set by a hook, WILL BE
* SAVED WITH THAT VALUE. This means several things:
* 1) Users will get the results of the hook set for them in their
* preferences.
* 2) By virtue of this, the next time they log in and load their
* preferences, the hook will NOT be called, because in their last session,
* we saved the results of the hook for them. However, if the preference is
* locked, the result of the hook will never be saved.

Uncomment and configure the hook you actived.

By modify $ldapServer, $ldapPort, $searchBase

See Also