phpgroupware-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[phpGroupWare-users] Re: Re: phpGW for Unix users managed by LDAP


From: Emanuel Ziegler
Subject: [phpGroupWare-users] Re: Re: phpGW for Unix users managed by LDAP
Date: Thu, 26 Oct 2006 09:36:31 -0700 (MST)


Hi Dave!

Dave Hall wrote on Thu, 26 October 2006 15:30
> The email login you use is the same as the phpgw login?  And the
> passwords are the same too?


Yes, they both use the LDAP database.

Dave Hall wrote on Thu, 26 October 2006 15:30
> It did work, it caches the data to reduce the load on your mail server and to 
> work around a limitation of the imap c-client library on larger installs.


Ah, I knew it doesn't stay connected but I thought it connects every time I 
reload the page and disconnects after the information was retrieved.

Dave Hall wrote on Thu, 26 October 2006 15:30
> Hmmm ... there might be a patch (or hack) we can come up with for you
> there :)


That would be nice. The main problem is to add paths to the certificates needed.

Dave Hall wrote on Thu, 26 October 2006 15:30
> It does if you add the phpgw attributes to your existing tree (test on a non 
> production environment first).  It also works if you import your whole tree 
> into sql accounts.  Neither of these are optimal, but maybe we can come up 
> with something at the conference in Paris next month.


Yes, I'm using the SQL solution at the moment and use LDAP only for 
authentication. Accounts in SQL are automatically created so I don't have to 
import them.

Dave Hall wrote on Thu, 26 October 2006 15:30
> phpgw runs as apache.  I suppose you could create a daemon which runs on the 
> box as root which phpgw connects to for file management.  I am not offering 
> to cost such a monster.  It would be like having a root account with a 2 
> ascii character password.  I think it is a bad idea, not only from a security 
> perspective, but also it goes against the design of the phpgw virtual file 
> system (vfs) which filemanager sits on top of.


I didn't think of a daemon but a SUID program. This could be started by any 
user, but it might check who started it. But anyway, I think I wouldn't dare to 
deal with such dangerous things either :)

Dave Hall wrote on Thu, 26 October 2006 15:30
> Did you set the path for the vfs correctly in setup?  Is it owned by
> www-data:www-data (or the apache user and group) mode 770 ?  Try that and it 
> should work fine.


Yes, I did set it to /srv/phpgroupware/home (www-data:www-data rwxrwx---) but 
it insists on /home/eziegler (which does not exist and cannot be created since 
the automounter accesses /home) where it thinks to find another directory 
eziegler (which I cannot access).

But the filemanager is not important to me if it is too complicated for the 
users to access their data. Experience shows that a feature that needs more 
than one minute to use is going not to be used at all. (e.g. People here don't 
spend 10 seconds to check the printer queue to find out why their job didn't 
print but prefer to resend it again and again - after 5 times they tell the 
admin that the printer is broken although it's just jammed or paper is missing 
:roll:).

Ciao,
    Emanuel
Sent from the phpGroupWare forums @ http://forums.phpGroupWare.org




reply via email to

[Prev in Thread] Current Thread [Next in Thread]