klaus.steinberger at Physik
Sep 29, 2011, 7:09 AM
Post #3 of 3
(189 views)
Permalink
|
Hi Andrew,
>> ich have the following problem:
>>
>> My LDAP directory is a Novell Edirectory, which has some different behavior than
>> OpenLDAP.
>>
>> Especially for groups it's different, it has a attribut member instead of
>> memberUID, and this attribute stores the full DN of the members.
>>
>> Is there a configuration parameter for davical for this?
>
> I believe this should still work. Essentially the configuration for
> LDAP defines LDAP queries and field mappings, although most of the
> examples will define the mappings for OpenLDAP fields you should be able
> to work out which fields you need from eDirectory instead, and what your
> LDAP groups query should look like.
the mapping is not the problem. I get back the correct values from LDAP, but
davical has no way to connect a user Full DN to it's Username:
For example this account:
Guinea.Pig
Full DN is cn=Guinea.Pig,ou=Local,ou=Personen,o=physik
So there needs to be function which does the following:
a) simple method (but maybe not correct):
extract the CN part from a Full DN
b) search in LDAP for a Full DN and return the CN
> I don't use LDAP myself, so perhaps someone who knows more about it can
> guide you further (there are a few people on IRC who may be able to
> help) or perhaps this small clue is enough.
>
> If you work it out it would probably be nice to add an example
> eDirectory configuration onto the wiki.
I think we need some patch in the code somewhere in the sync_LDAP_groups
function, and a additional configuration value. I will look into it.
Sincerly,
Klaus
--
Rechnerbetriebsgruppe / IT, Fakultät für Physik
Klaus Steinberger
FAX: +49 89 28914280
Tel: +49 89 28914287
|
signature.asc
