Wed Jul 23 2014 10:59:48 EDT from dothebart @ Uncensored Subject: re: 8.25

 

Tue Jul 22 2014 15:09:07 EDT from harryc @ Uncensored Subject: re: 8.25

 

Tue Jul 22 2014 15:03:06 EDT from dothebart @ Uncensored Subject: re: 8.25

please attach the patch to the mail.


Chuckle.. So that's what the 'attachment' button is for???  :-)
 
Hope it worked....
Harry
 

ok, nice. For sure if - it's going to be appended to master (since it's a new feature..).

it leaves me (you;-) with one problem.

Meanwhile a new config setting has been added by IG - the nntp settings - and you've added...

    if (config.c_ldap_searchstring[0]==0) {
        if (config.c_auth_mode == AUTHMODE_LDAP_AD) {
            strcpy(config.c_ldap_searchstring, "(sAMAccountName=%s)");
        }
        else {
            strcpy(config.c_ldap_searchstring, "(&(objectclass=posixAccount)(uid=%s))");
        }
    }

However, since this is directly connected to the auth mode, one basically wouldn't need this to be a new config setting at all, but better calculate it on first use imho?

This would then remove many of your changes, plus the problem about the new settings conflict.

--
 

Let me fill you in a bit on the puzzle I was aiming to solve.

There is no such thing as a 'standard' ldap structure. More properly, almost everyone who uses it has committed great resources to building a structure that's ever so slightly different than someone who started a few years later or earlier, many have tweaked it to suit the needs of their group. Each of these groups is dead certain sure their structure is standard, and even should there be agreement in principle that it's not, the work involved in changing everything is much greater than either hacking citadel or using a different package altogether.

It's not enough to permit citadel users the ability to adjust bind and base designated names-- to be broadly useful it has to be possible to adjust the string used to identify which element in the ldap structure is the one to return to citadel.  Now most everyone who uses active directory will use one default string.  A great whole lot of folks who use other ldap structures will use the posix account uid named above.   To maintain compatibility with the past, if citadel sees no search string set by the config, when first it's time to do a search the above code fills it in with the previous defaults.   It so happens in the ldap world I need to use, to be useful the search string is this: 

"(cn=%s)"

Why?  uid would force the citadel name to be, for example, 'emailadmin' or 'jjones', while cn would allow it to be 'Email Administrator' or 'Jay Jones'.   Folks in my little world like to log in with their names, which they like because they remember it, and I like because they can log in without  'asking IT'.  The email contractions are often not so predictable in even a small group of folks.

 

So you see, it isn't reliably possible to calculate the 'correct' string in all cases.  So what I did was have the system take its shot at calculating it at the very last minute only if there hasn't been a setting change specifying otherwise.

I'm open to other approaches certainly.  For example one would be to use the uid here and hard code it, but have some other setting let users log in using any of the sensible possible fields in the vcard as the user name.  I suppose there are others, the above was my shot.

Harry
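
An added example, not part of the thread and not code from the patch or from Citadel: a sketch of the last-minute default described above, followed by filling the `%s` slot of a configurable search string such as "(cn=%s)". The function names and the numeric value of `AUTHMODE_LDAP_AD` are assumptions, and the RFC 4515 escaping and the one-`%s` template check go beyond what the thread discusses; they matter once the filter template is admin-editable and the login name is user-supplied.

```c
#include <stdio.h>
#include <string.h>

#define AUTHMODE_LDAP_AD 3  /* assumed value; only the name is from the thread */

/* Admin-set search string wins; otherwise fall back to the old defaults. */
static const char *effective_filter(const char *configured, int auth_mode) {
    if (configured != NULL && configured[0] != 0) return configured;
    return (auth_mode == AUTHMODE_LDAP_AD)
        ? "(sAMAccountName=%s)"
        : "(&(objectclass=posixAccount)(uid=%s))";
}

/* Escape RFC 4515 filter metacharacters so the login name stays one value. */
static int escape_value(const char *in, char *out, size_t outlen) {
    size_t o = 0;
    if (outlen == 0) return -1;
    for (; *in; in++) {
        if (strchr("*()\\", *in)) {
            if (o + 4 > outlen) return -1;
            o += (size_t)snprintf(out + o, 4, "\\%02x", (unsigned char)*in);
        } else {
            if (o + 2 > outlen) return -1;
            out[o++] = *in;
        }
    }
    out[o] = 0;
    return 0;
}

/* Fill the single %s slot by hand; the template is never a printf format. */
static int build_filter(const char *tmpl, const char *user, char *out, size_t outlen) {
    char esc[256];
    const char *slot = strstr(tmpl, "%s");
    if (slot == NULL || strchr(tmpl, '%') != slot || strchr(slot + 2, '%') != NULL)
        return -1;  /* require exactly one %s and no other % sequence */
    if (escape_value(user, esc, sizeof esc) != 0) return -1;
    int n = snprintf(out, outlen, "%.*s%s%s", (int)(slot - tmpl), tmpl, esc, slot + 2);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void) {
    char f[512];
    /* constructed input: the "(cn=%s)" setting and a display-name login */
    if (build_filter(effective_filter("(cn=%s)", 0), "Jay Jones", f, sizeof f) == 0)
        puts(f);
    return 0;
}
```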
