Difference between revisions of "Freeside:1.9:Documentation:Administration:ldap.pm"
(New page: = LDAP Export = = Notes = To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz<c...) |
|||
Line 1: | Line 1: | ||
− | = LDAP | + | = LDAP notes = |
− | + | To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz</code> (or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports. | |
− | |||
− | To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like <code>uid=mark, dc=freeside, dc=biz<code> (or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports. | ||
So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (<code>uid=mark, dc=mydomain</code>...?), but in that case it might be simpler to just use <code>cn=$svcnum</code> or something else that's guaranteed unique. | So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (<code>uid=mark, dc=mydomain</code>...?), but in that case it might be simpler to just use <code>cn=$svcnum</code> or something else that's guaranteed unique. |
Latest revision as of 04:38, 19 August 2010
LDAP notes
To replace/delete the LDAP entry we have to find the existing one by its DN. Currently the insert method creates a DN like uid=mark, dc=freeside, dc=biz
(or whatever your userdn is set to). This fails for non-unique usernames, which we support everywhere else. It also fails if we ever want to use it for non-svc_acct things, which just might happen someday now that we have cust_main exports.
So there's now an export option, "key_attrib", which is the name of the LDAP attribute that will be used as the node name. If this isn't set, it will use the first one that has a value of $username, which should be backward-compatible. If there's a need we could allow multiple key_attribs (uid=mark, dc=mydomain
...?), but in that case it might be simpler to just use cn=$svcnum
or something else that's guaranteed unique.