The first feature Tim lists comes built-in to DSpace already, no? You can do LDAP lookup and add then add them to a "special" group on the fly. The second feature seems similarly possible as as long as you can pull the necessary attributes from your directory.
Jason -- Jason Stirnaman Biomedical Librarian, Digital Projects A.R. Dykes Library, University of Kansas Medical Center jstirna...@kumc.edu 913-588-7319 >>> On 3/12/2010 at 12:29 PM, in message <4b9a881a.4090...@duraspace.org>, Tim Donohue <tdono...@duraspace.org> wrote: > Hi all, > > To add to Dorothea's response for an "ideal" way to manage accounts. > > When I was at U of Illinois at Urbana-Champaign (UIUC), we implemented a > similar "auto-account" management solution using our local LDAP > directory (and local Active Directory groups). I unfortunately never > got around to fully sharing it as it was still semi-UIUC specific. As > Dorothea implies, every LDAP is unfortunately different, and not all > LDAPs store this information (and if they do, they may store it in > different fields or use different values/codes in those fields). > > However, perhaps the UIUC code could be minimally made available for > others to improve and make more "configurable" for a generic institution > -- it's at least a potential starting point. > > I've noted what general features we had implemented at UIUC below, based > on Dorothea's wishlist: > > On 3/12/2010 11:38 AM, Dorothea Salo wrote: >> >> What we can't do that I would very much like us to: >> >> - automagically populate the eperson directory based on LDAP login >> results and lookups (you logged in? congrats, you're an eperson! an >> admin looked you up? congrats, you're an eperson!) > > We had this feature implemented at Illinois -- if you could login (via a > custom UIUC login solution) we'd know your NetID and auto-create an > EPerson by doing an LDAP lookup to get your Name. We'd also then > auto-add you to an "UIUC Users" group in our DSpace -- which gave some > immediate access rights to you (including the immediate ability to > submit to a generic "UIUC Research" Collection). > >> - assign people to a group based on being in a given department or research > unit > > We could also basically do this. We'd look up your Department name in > LDAP, and if we could *find* a DSpace Group of that name, then we'd > auto-add you to it for the remainder of your session. However if no > DSpace Group existed with that name, then nothing happened. > >> - assign people to a group based on being in a specific course (and >> revoke their access when the course is over) > > Sorry, we didn't have specific course info in our LDAP -- so this wasn't > possible for us at UIUC. > >> - assign people to a group based on program/degree status (ETDs!) > > We also had a basic implementation for this. Based on your degree > *code* in LDAP (we had to contact our local IT depart to figure out the > meaning of various codes in our LDAP fields), we could add you > automatically to a "UIUC Masters Students" or "UIUC UnderGrad Students", > "UIUC PhD Students" or "UIUC Faculty/Staff" group in DSpace. > > Again, much of this code I built while at UIUC was a bit UIUC-specific > (though there were some configurable parts would could allow it to work > for UIUC-similar LDAP directories). I had always wanted to make it more > widely available but unfortunately never got around to it. But, > hopefully, assuming my UIUC colleagues agree to it, we could get a copy > of what was created into JIRA for someone to build from. > > So, I don't have a complete answer to the problem -- but a possible > contact to help someone come up with an answer that will work for at > least those institutions who use LDAP. But, obviously, we need to find > a volunteer developer to help bring this forward! > > - Tim > > ------------------------------------------------------------------------------ > Download Intel® Parallel Studio Eval > Try the new software tools for yourself. Speed compiling, find bugs > proactively, and fine-tune applications for parallel performance. > See why Intel Parallel Studio got high marks during beta. > http://p.sf.net/sfu/intel-sw-dev > _______________________________________________ > DSpace-tech mailing list > DSpace-tech@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/dspace-tech ------------------------------------------------------------------------------ Download Intel® Parallel Studio Eval Try the new software tools for yourself. Speed compiling, find bugs proactively, and fine-tune applications for parallel performance. See why Intel Parallel Studio got high marks during beta. http://p.sf.net/sfu/intel-sw-dev _______________________________________________ DSpace-tech mailing list DSpace-tech@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspace-tech
