You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@syncope.apache.org by Edward Siewick <es...@digipro.com> on 2013/03/19 03:17:48 UTC

LdapConnector v1.3.3 seems to be ignoring some LDAP attributes

Hi.

With v1.0.6, LdapConnector 1.3.3 and openLDAP 2.4.28, there are a number 
of attributes that aren't appearing in the "External Attributes" 
pulldown. I have the same object classes defined for the connector as 
are in use in openLDAP (Top, Person, OrganizationalPerson, 
InetOrgPerson, posixAccount, shadowAccount). I went looking for 
homeDirectory, which openLDAP wants for anything created in my 
ou=People. Apache DS shows homeDirectory on openLDAP. It's just not in 
the pulldown. There are others I'm fairly certain should be, too, such 
as gecos.

Another oddity is that for most attributes with aliases, only one of 
them typically shows up in the pulldown. That's fine, except that 
there's at least one exception to this. Both cn and commonName appear in 
the pulldown.

I'd assumed the "Read Schema" boolean caused the connector to pull the 
all attributes relevant to the object classes from the directory 
service. Is this not the case?

Thanks,

Edward Siewick

Re: LdapConnector v1.3.3 seems to be ignoring some LDAP attributes

Posted by Francesco Chicchiriccò <il...@apache.org>.

On 19/03/2013 03:17, Edward Siewick wrote:
> Hi.
>
> With v1.0.6, LdapConnector 1.3.3 and openLDAP 2.4.28, there are a 
> number of attributes that aren't appearing in the "External 
> Attributes" pulldown. I have the same object classes defined for the 
> connector as are in use in openLDAP (Top, Person, 
> OrganizationalPerson, InetOrgPerson, posixAccount, shadowAccount). I 
> went looking for homeDirectory, which openLDAP wants for anything 
> created in my ou=People. Apache DS shows homeDirectory on openLDAP. 
> It's just not in the pulldown. There are others I'm fairly certain 
> should be, too, such as gecos.
>
> Another oddity is that for most attributes with aliases, only one of 
> them typically shows up in the pulldown. That's fine, except that 
> there's at least one exception to this. Both cn and commonName appear 
> in the pulldown.
>
> I'd assumed the "Read Schema" boolean caused the connector to pull the 
> all attributes relevant to the object classes from the directory 
> service. Is this not the case?

Hi Edward,
thanks for reporting this: you are right, the "Read Schema" flag causes 
Syncope to ask the underlying connector for managed attributes (given 
the provided configuration).

Probably, the issues reported above with the ConnId LDAP connector and 
OpenLDAP are more related to the actual connector rather than to 
Syncope: could you please forward this e-mail - alongside with all 
relevant configuration and environment parameters - to 
connid-user@googlegroups.com so that we can handle there more properly?

Regards.

-- 
Francesco Chicchiriccò

ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/