summaryrefslogtreecommitdiff
path: root/config
diff options
context:
space:
mode:
authorThomas Bruederli <thomas@roundcube.net>2013-10-25 16:54:58 +0200
committerThomas Bruederli <thomas@roundcube.net>2013-10-25 16:54:58 +0200
commit3ce7c568267878b148121237474af155c282019d (patch)
tree0cac12685e99cc1ef2e36a6a3fc5964c80520c07 /config
parent98b7b548a229600f7653cd67d9aae43675938143 (diff)
Applied the (modified) patch to extend configuration possibilities of LDAP address books as suggested in #1488753:
- Add option to specify arbitrary replacements of config options with attributes from the bound user - Allow mapping of group object class => member attribute used in these objects - Describe the 'member_filter' property for groups config
Diffstat (limited to 'config')
-rw-r--r--config/defaults.inc.php23
1 files changed, 15 insertions, 8 deletions
diff --git a/config/defaults.inc.php b/config/defaults.inc.php
index ed58b7f0e..9e4ba11bf 100644
--- a/config/defaults.inc.php
+++ b/config/defaults.inc.php
@@ -687,6 +687,8 @@ $config['ldap_public']['Verisign'] = array(
// DN and password to bind as before searching for bind DN, if anonymous search is not allowed
'search_bind_dn' => '',
'search_bind_pw' => '',
+ // Optional map of replacement strings => attributes used when binding for an individual address book
+ 'search_bind_attrib' => array(), // e.g. array('%udc' => 'ou')
// Default for %dn variable if search doesn't return DN value
'search_dn_default' => '',
// Optional authentication identifier to be used as SASL authorization proxy
@@ -768,14 +770,19 @@ $config['ldap_public']['Verisign'] = array(
// if the groups base_dn is empty, the contact base_dn is used for the groups as well
// -> in this case, assure that groups and contacts are separated due to the concernig filters!
'groups' => array(
- 'base_dn' => '',
- 'scope' => 'sub', // Search mode: sub|base|list
- 'filter' => '(objectClass=groupOfNames)',
- 'object_classes' => array("top", "groupOfNames"),
- 'member_attr' => 'member', // Name of the member attribute, e.g. uniqueMember
- 'name_attr' => 'cn', // Attribute to be used as group name
- 'member_filter' => '(objectclass=*)', // Optional filter to use when querying for group members
- 'vlv' => false, // Use VLV controls to list groups
+ 'base_dn' => '',
+ 'scope' => 'sub', // Search mode: sub|base|list
+ 'filter' => '(objectClass=groupOfNames)',
+ 'object_classes' => array('top', 'groupOfNames'), // Object classes to be assigned to new groups
+ 'member_attr' => 'member', // Name of the default member attribute, e.g. uniqueMember
+ 'name_attr' => 'cn', // Attribute to be used as group name
+ 'email_attr' => 'mail', // Group email address attribute (e.g. for mailing lists)
+ 'member_filter' => '(objectclass=*)', // Optional filter to use when querying for group members
+ 'vlv' => false, // Use VLV controls to list groups
+ 'class_member_attr' => array( // Mapping of group object class to member attribute used in these objects
+ 'groupofnames' => 'member',
+ 'groupofuniquenames' => 'uniquemember'
+ ),
),
// this configuration replaces the regular groups listing in the directory tree with
// a hard-coded list of groups, each listing entries with the configured base DN and filter.