[ZendTo] Re: Using a custom Active Directory attribute for email addresses?
Alexander Fisher
alex at alexfisher.me.uk
Thu Feb 6 15:20:02 GMT 2014
On 6 February 2014 11:50, Alexander Fisher <alex at alexfisher.me.uk> wrote:
> Hi
>
> I have a situation as follows.
>
> I'm creating two zendto sites: dropoff.companyname1.com and
> dropoff.companyname2.com
>
> I'll skin each site differently, but the internal users for both sites
> will be the same and authenticated against AD. Each user has one email
> account, with several aliases. ie user.name at companyname1.com and
> user.name at companyname2.com etc.
>
> Can I easily change the LDAP field used to fetch the email address to
> perhaps a custom attribute I extend the Active Directory schema with?
>
> Or maybe it would be best to fetch the email address from the standard
> ldap:mail attribute and replace the domain part with that of the site being
> used?
>
> Has anybody else needed to do something like this? What approach would
> you go for?
>
> Many thanks,
> Alex
>
>
Hi again
I've managed to get the second approach working. Does the following patch
look sane?
--- lib/NSSAuthenticator.php.bak 2014-02-06 14:14:28.124778074 +0000
+++ lib/NSSAuthenticator.php 2014-02-06 15:11:49.495180022 +0000
@@ -35,6 +35,7 @@
private $_adminList = NULL;
private $_statsList = NULL;
private $_defaultEmailDomain = NULL;
+ private $_overrideEmailDomain = NULL;
/*!
@function __construct
@@ -54,6 +55,9 @@
if ( $prefs['authStats'] ) {
$this->_statsList = $prefs['authStats'];
}
+ if ( $prefs['overrideEmailDomain'] ) {
+ $this->_overrideEmailDomain = $prefs['overrideEmailDomain'];
+ }
}
/*!
@@ -132,6 +136,11 @@
if ( $response['mail'] == "" ) {
$response['mail'] = $uname . '@' . $this->_defaultEmailDomain;
}
+ if ( $this->_overrideEmailDomain ) {
+ $user_part = strstr( $response['mail'], "@", true);
+ $response['mail'] = $user_part . '@' . $this->_overrideEmailDomain;
+ //error_log ( "ValidUsername: " . $response['mail'] );
+ }
}
return TRUE;
}
@@ -173,6 +182,11 @@
if ( $response['mail'] == "" ) {
$response['mail'] = $uname . '@' . $this->_defaultEmailDomain;
}
+ if ( $this->_overrideEmailDomain ) {
+ $user_part = strstr( $response['mail'], "@", true);
+ $response['mail'] = $user_part . '@' . $this->_overrideEmailDomain;
+ //error_log ( "authenticate: " . $response['mail'] );
+ }
}
return TRUE;
}
If a new overrideEmailDomain variable is defined in preferences.php, that
domain name is used to replace whatever domain name part existed in the
email address fetched from LDAP/ActiveDirectory.
Any chance of getting this patch or something similar included in the next
version of zend.to?
Kind Regards,
Alex
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20140206/723ed6d5/attachment.html
More information about the ZendTo
mailing list