[ZendTo] Re: Using a custom Active Directory attribute for email addresses?
Jules
Jules at Zend.To
Fri Feb 7 09:57:43 GMT 2014
If you did it with a separate custom attribute, you would just replace
the "mail" attribute with the name of your custom attribute. You should
only have to apply a simple edit to NSSADAuthenticator.php.
Jules.
On 06/02/2014 15:20, Alexander Fisher wrote:
> On 6 February 2014 11:50, Alexander Fisher <alex at alexfisher.me.uk
> <mailto:alex at alexfisher.me.uk>> wrote:
>
> Hi
>
> I have a situation as follows.
>
> I'm creating two zendto sites: dropoff.companyname1.com
> <http://dropoff.companyname1.com> and dropoff.companyname2.com
> <http://dropoff.companyname2.com>
>
> I'll skin each site differently, but the internal users for both
> sites will be the same and authenticated against AD. Each user
> has one email account, with several aliases. ie
> user.name at companyname1.com <mailto:user.name at companyname1.com> and
> user.name at companyname2.com <mailto:user.name at companyname2.com> etc.
>
> Can I easily change the LDAP field used to fetch the email address
> to perhaps a custom attribute I extend the Active Directory schema
> with?
>
> Or maybe it would be best to fetch the email address from the
> standard ldap:mail attribute and replace the domain part with that
> of the site being used?
>
> Has anybody else needed to do something like this? What approach
> would you go for?
>
> Many thanks,
> Alex
>
>
> Hi again
>
> I've managed to get the second approach working. Does the following
> patch look sane?
>
> --- lib/NSSAuthenticator.php.bak 2014-02-06 14:14:28.124778074
> +0000
> +++ lib/NSSAuthenticator.php 2014-02-06 15:11:49.495180022 +0000
> @@ -35,6 +35,7 @@
> private $_adminList = NULL;
> private $_statsList = NULL;
> private $_defaultEmailDomain = NULL;
> + private $_overrideEmailDomain = NULL;
>
> /*!
> @function __construct
> @@ -54,6 +55,9 @@
> if ( $prefs['authStats'] ) {
> $this->_statsList = $prefs['authStats'];
> }
> + if ( $prefs['overrideEmailDomain'] ) {
> + $this->_overrideEmailDomain = $prefs['overrideEmailDomain'];
> + }
> }
>
> /*!
> @@ -132,6 +136,11 @@
> if ( $response['mail'] == "" ) {
> $response['mail'] = $uname . '@' . $this->_defaultEmailDomain;
> }
> + if ( $this->_overrideEmailDomain ) {
> + $user_part = strstr( $response['mail'], "@", true);
> + $response['mail'] = $user_part . '@' .
> $this->_overrideEmailDomain;
> + //error_log ( "ValidUsername: " . $response['mail'] );
> + }
> }
> return TRUE;
> }
> @@ -173,6 +182,11 @@
> if ( $response['mail'] == "" ) {
> $response['mail'] = $uname . '@' . $this->_defaultEmailDomain;
> }
> + if ( $this->_overrideEmailDomain ) {
> + $user_part = strstr( $response['mail'], "@", true);
> + $response['mail'] = $user_part . '@' .
> $this->_overrideEmailDomain;
> + //error_log ( "authenticate: " . $response['mail'] );
> + }
> }
> return TRUE;
> }
>
>
> If a new overrideEmailDomain variable is defined in preferences.php,
> that domain name is used to replace whatever domain name part existed
> in the email address fetched from LDAP/ActiveDirectory.
>
> Any chance of getting this patch or something similar included in the
> next version of zend.to <http://zend.to>?
>
> Kind Regards,
> Alex
>
>
>
>
> _______________________________________________
> ZendTo mailing list
> ZendTo at zend.to
> http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto
>
> Jules
>
> --
> Julian Field MEng MBCS CITP CEng
>
> 'Always do sober what you said you'd do drunk. That will teach you
> to keep your mouth shut.' - Ernest Hemingway
>
> www.Zend.To
> Twitter: @JulesFM
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ecs.soton.ac.uk/pipermail/zendto/attachments/20140207/aa7d79e8/attachment.html
More information about the ZendTo
mailing list