You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@syncope.apache.org by Edward Siewick <es...@digipro.com> on 2013/03/19 03:17:48 UTC
LdapConnector v1.3.3 seems to be ignoring some LDAP attributes
Hi.
With v1.0.6, LdapConnector 1.3.3 and openLDAP 2.4.28, there are a number
of attributes that aren't appearing in the "External Attributes"
pulldown. I have the same object classes defined for the connector as
are in use in openLDAP (Top, Person, OrganizationalPerson,
InetOrgPerson, posixAccount, shadowAccount). I went looking for
homeDirectory, which openLDAP wants for anything created in my
ou=People. Apache DS shows homeDirectory on openLDAP. It's just not in
the pulldown. There are others I'm fairly certain should be, too, such
as gecos.
Another oddity is that for most attributes with aliases, only one of
them typically shows up in the pulldown. That's fine, except that
there's at least one exception to this. Both cn and commonName appear in
the pulldown.
I'd assumed the "Read Schema" boolean caused the connector to pull the
all attributes relevant to the object classes from the directory
service. Is this not the case?
Thanks,
Edward Siewick
Re: LdapConnector v1.3.3 seems to be ignoring some LDAP attributes
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 19/03/2013 03:17, Edward Siewick wrote:
> Hi.
>
> With v1.0.6, LdapConnector 1.3.3 and openLDAP 2.4.28, there are a
> number of attributes that aren't appearing in the "External
> Attributes" pulldown. I have the same object classes defined for the
> connector as are in use in openLDAP (Top, Person,
> OrganizationalPerson, InetOrgPerson, posixAccount, shadowAccount). I
> went looking for homeDirectory, which openLDAP wants for anything
> created in my ou=People. Apache DS shows homeDirectory on openLDAP.
> It's just not in the pulldown. There are others I'm fairly certain
> should be, too, such as gecos.
>
> Another oddity is that for most attributes with aliases, only one of
> them typically shows up in the pulldown. That's fine, except that
> there's at least one exception to this. Both cn and commonName appear
> in the pulldown.
>
> I'd assumed the "Read Schema" boolean caused the connector to pull the
> all attributes relevant to the object classes from the directory
> service. Is this not the case?
Hi Edward,
thanks for reporting this: you are right, the "Read Schema" flag causes
Syncope to ask the underlying connector for managed attributes (given
the provided configuration).
Probably, the issues reported above with the ConnId LDAP connector and
OpenLDAP are more related to the actual connector rather than to
Syncope: could you please forward this e-mail - alongside with all
relevant configuration and environment parameters - to
connid-user@googlegroups.com so that we can handle there more properly?
Regards.
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/