I have an example configuration at home that uses to repositories in combination with a MergingAttributeDao. It may be helpful, but I won't get to it until I'm at home, so if you find one before then.. ;-)
The documentation for PersonDirectory is actually pretty good: http://developer.jasig.org/projects/person-directory/1.1.2/ Cheers, Scott On Wed, Jun 17, 2009 at 10:00 AM, Marvin Addison <[email protected]>wrote: > > 1. For Active Directory, what if users are split into different OUs in a > > domain? For instance, staff in a "Staff" OU and students in a "Students" > > OU directly in the root of the domain. I tried leaving the baseDN for > > the attributeRepository as "dc=school,dc=edu" but that gets a > > continuation error. Is there a way to search multiple OUs? > > The error above is a known issue, > http://www.ja-sig.org/issues/browse/PERSONDIR-53. It _would_ be > possible to search below the OU level if the PersonDirectory > developers would simply apply the patch that Scott attached to that > issue, but their lack of movement on the issue to date suggests it > won't be fixed in the near future. Sorry. > > The workaround is to create multiple attribute repository beans, each > with the scope of the OU you wish to search. We do something similar > where different authentication handlers produce different principals, > requiring different LDAP queries for attributes. We handle that using > two attribute repositories and it works well. I recall, but don't > have a reference, that others have posted to the list with a use case > similar to yours and have solved the problem with multiple attribute > repositories. You might try searching the archives for those if you > would like some concrete configuration examples. > > Good luck, > M > > -- > You are currently subscribed to [email protected] as: > [email protected] > To unsubscribe, change settings or access archives, see > http://www.ja-sig.org/wiki/display/JSG/cas-user > -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
