Difference between revisions of "Freeside:1.9:Documentation:Administration:ldap.pm"

From Freeside
Jump to: navigation, search
(New page: = LDAP Export = = Notes = To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz<c...)
 
 
Line 1: Line 1:
= LDAP Export =
+
= LDAP notes =
  
= Notes =
+
To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz</code> (or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports.
 
 
To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz<code> (or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports.
 
  
 
So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (<code>uid=mark, dc=mydomain</code>...?), but in that case it might be simpler to just use <code>cn=$svcnum</code> or something else that's guaranteed unique.
 
So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (<code>uid=mark, dc=mydomain</code>...?), but in that case it might be simpler to just use <code>cn=$svcnum</code> or something else that's guaranteed unique.

Latest revision as of 04:38, 19 August 2010

LDAP notes

To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like uid=mark, dc=freeside, dc=biz (or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports.

So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (uid=mark, dc=mydomain...?), but in that case it might be simpler to just use cn=$svcnum or something else that's guaranteed unique.