Roundcube Community Forum

 

New plugin: identity_from_directory (maintain identities with LDAP / AD)

Started by andreashaerter, April 02, 2024, 09:21:37 PM

Previous topic - Next topic

andreashaerter

Hi, we just released a new Roundcube plugin to automatically populate and maintain user identities on each login[/b], based on corresponding LDAP or Active Directory user data.

I hope this is also useful for somebody else, we use it for our email stack to get rid of Exchange, so no one-man-show and there will be proper maintenance in the future.


This hopefully provides all an admin needs, including fallback values for missing fields etc..

Small example: A user with the following Active Directory data



and a signature template set to

Code (php) Select

$config['identity_from_directory_signature_template_html'] = '
<p>
    Kind regards<br />
    <strong>%name_html%</strong><br />
    %organization_html%
</p>
<p>
    mailto: <a href="mailto:%email_html%">%email_html%</a><br />
    phone: <a href="tel:%phone_url%">%phone_html%</a><br />
    fax: <a href="tel:%fax_url%">%fax_html%</a><br />
    web: <a href="%website_html%">%website_html%</a>
</p>';


would result in the following Roundcube identities after the user login:



Granada

Hi andreashaerter!

Thank you very much for your effort! I'd like to use this plugin as a replacement for the older 'virtuser_ldap'-plugin for populating data from ldap of users logging in to our Roundcube the first time and to create an initial identity.

The virtuser_ldap-plugin uses this config and it looked to be easy to convert this to your plugin's config:

$config['virtuser_ldap'] = array(
  'name'           => 'virtuser_ldap',
  'hosts'          => array('ldaps://our.openldap.server'),
  'port'           => 636,
  'base_dn'        => 'ou=people,dc=domain,dc=ac,dc=at',
  'search_filter'  => '',
  'search_fields'  => array('mail', 'uid'),
  'fieldmap'       => array(
    'username' => 'uid',
    'givenname'    => 'givenName',
    'surname'      => 'sn',
    'email'    => 'mail',
  )
);

The Roundcube-Username I need for ldapsearch is the ldap attribute 'uid', but whatever I config the ldapsearch does the following which is not working (excerpt vom ldap-debug log):

C: Search base dn: [ou=people,dc=meduniwien,dc=ac,dc=at] scope with filter [(|(cn=myuserID))]

The search should use uid=myuserID. How can this be done? There's no cn set in the config at all, it seems to be set by rcube_ldap_generic.php if $attributes is empty:

        if (empty($attributes)) {
            $attributes = ['cn'];
        }

Kind regards from Vienna,
Granada

Granada

Found the solution: search_fields is not an array. If I declare it with  'search_fields'  => 'uid', it works and reads all the data from our ldap server.

Regards
Granada