Re: [Phpgroupware-developers] Proposed ldap patch...

[Lars Kneschke(priv.)]

Izzy Blacklock <address@hidden> schrieb: 
>Well I just did some digging and it looks like uidnumber and gidnumber
>are 
>used in a number of places.  Here's the results from the phpgw root
>dir:
>
>grep -R gidnumber * | wc -l
>     32
>grep -R uidnumber * | wc -l
>     59
>
>and from the phpgwapi dir
>
>grep -R gidnumber * | wc -l
>     23
>grep -R uidnumber * | wc -l
>     45
>
>Obviousely there would be a lot of code to change, some of which
>probably 
>couldn't be changed to correct this issue the way I've proposed.  This
>leaves 
>two options: eliminate the option not to manage homedir and shell
>entries, or 
>provide a sane default if the user chooses not to provide one.
>
>I can think of legitimate reasons why someone wouldn't want phpgw
>managing 
>system accounts, so eliminating the option probably isn't a good idea.
> In 
>fact, it may be worth changing the wording to read:
>
>  If using LDAP, do you want to manage system accounts?
>
>Saying no should then remove the ability to add, remove, or otherwise
>modify 
>system account elements.  They should be limited to adding, removing,
>or 
>otherwise modifying phpgw elements from existing accounts.
>
>I realize this is a lot more work then a simple patch, but I think it
>make the 
>most sense.  What does everyone else think?
>
>I'll document the behavior as it is now.  As long as people don't try
>adding 
>the demo accounts and I'd guess add users with phpgw when they've said
>no to 
>managing the homedir and shell attributes, then there shouldn't be any
>
>problems.

As we have learned the last days, it is bad to have a option not to set
homedir and shell. This should be rewriten, so that this fields become
always set.

Making ldap working only with existing accounts is also a very nice idea.
I'll try to implement this.

Cu