Re: [Phpgroupware-developers] Proposed ldap patch...

[Izzy Blacklock]

On Wednesday 26 Mar 2003 11:05 pm, Lars Kneschke(priv.) wrote:
> Izzy Blacklock <address@hidden> schrieb:
> >I realize this is a lot more work then a simple patch, but I think it
> >make the
> >most sense.  What does everyone else think?
> >
> >I'll document the behavior as it is now.  As long as people don't try
> >adding
> >the demo accounts and I'd guess add users with phpgw when they've said
> >no to
> >managing the homedir and shell attributes, then there shouldn't be any
> >
> >problems.
>
> As we have learned the last days, it is bad to have a option not to set
> homedir and shell. This should be rewriten, so that this fields become
> always set.
>
> Making ldap working only with existing accounts is also a very nice idea.
> I'll try to implement this.

If this is only needed by LDAP, it may be better to just do away with the 
option and the fields and make it mandatory that the accounts must exist.  

Does a system account have to exist for phpgw to work correctly?  I see I can 
create users who don't exist on the system when not using LDAP.  Obviously 
things like mail don't work if you don't have an account, but the calender 
works.  How are things handled when a user without a system account tries to 
run something that requires one?  Do they fail gracefully or spew errors?

Maybe the solution should be  to do away with adding the posixAccount and 
shadowAccount objectClasses and all their elements (uidnumber, gidnumber, 
homeDirectory and loginShell).  If the user needs a system account, it should 
be created using the usual tools.

Thoughts?

...Izzy