[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [phpGroupWare-users] LDAP and batch create users

From: Dave Hall
Subject: Re: [phpGroupWare-users] LDAP and batch create users
Date: Fri, 15 Dec 2006 23:55:33 +1100

Hi Raymond,

On Thu, 2006-12-14 at 11:20 -0700, Raymond Chan wrote:
> Hello all,
> I'm new to phpGroupware and to the forums.  

Welcome ! :)

> I currently use it in a university department where different lab
> research groups need to collaborate on projects.  phpGroupware is
> perfect for this tasks because it allows important things like file
> sharing and calendaring in a straghtforward manner.
> However, I want to ask some advice on creating users.  I apologize if
> this has been covered, but I could not find it after many searches and
> reviewing of the threads.  
> As a demonstration, I created a domain and added a group and all its
> associated users manually, enabled only certain applications, and
> modified appropriate ACLs.
> However, my department has over 80 groups which all have pretty
> separate needs.  This means I want to create 80 domains.  Is this a
> bad idea?  I know the drop down menu will be huge when choosing
> domains on the login page (perhaps I'll separate the domain listing
> into different pages if worse comes to worse).  

I am unsure if domains is the optimum solution for you.  It is possible
to "auto detect" the domain based on server hostname.

So for example in the apache config you could have

<VirtualHost default:80>

Then the domain will be selected based on which URL the user uses to
access phpgw.

But again I don't think this is the ideal solution for you.  Domains are
really intended to be used when you want to keep users totally separate,
whereas I suspects there will be some overlap betweek your 80 or so

> The main issue is, how do I batch create users into a domain with all
> the same ACLs and access to only certain apps?  I'll probably manually
> declare a admin for that domain to be the lab manager or the
> professor.

It would be possible to batch create the users and groups in a single
install and even add the ACLs.  This is not something we have an off the
shelf script for but it shouldn't be too hard to create one.

> I saw LDAP in the settings, but I don't think this can apply to me.
> The university has a huge LDAP directory where I have public read
> access to a few things such as name, university computer account
> userid, etc to all members of the university (including those outside
> my dept.) but I don't have super privileges to this directory, and it
> seems phpGW needs a super user password to the LDAP server which of
> course they would never give me.  Also, the campus LDAP does not store
> any passwords, so how would I authenticate?

The admin access is not a requirement for authentication, and there are
work arounds for when you don't have access to it.  The lack of a access
to the password is show stopper.

You may be able to suck the name and loginids from ldap by batch to
populate either your private departmental ldap server or the phpgw db.

I don't have a prepared solution for you, but we as a project should be
able to help you work something out



Dave Hall (aka skwashd)
API Coordinator
e address@hidden
j address@hidden
sip address@hidden
       _            ____                    __        __             
 _ __ | |__  _ __  / ___|_ __ ___  _   _ _ _\ \      / /_ _ _ __ ___ 
| '_ \| '_ \| '_ \| |  _| '__/ _ \| | | | '_ \ \ /\ / / _` | '__/ _ \
| |_) | | | | |_) | |_| | | | (_) | |_| | |_) \ V  V / (_| | | |  __/
| .__/|_| |_| .__/ \____|_|  \___/ \__,_| .__/ \_/\_/ \__,_|_|  \___|
|_|         |_|                         |_|Web based collaboration platform

reply via email to

[Prev in Thread] Current Thread [Next in Thread]