Ian Watched screencast and you did an amazing job! I want to backport this into my customized 4.1 cloudstack edition called cloudsand. CloudSand is a hybrid of CloudStack stable version with some urgently needed features pulled from master to speed up cloudstack adoption by enterprises. The work you do on LDAP will be a great addition!
With that said, I have few questions: Back several months aqgo, I recall some work done on LDAP where a patch was introduced to configure LDAP through UI. Not in Global Settings like you did for basedn, but in separate window where you defined hostname and port. Would you know what happened to that? Where do you stand with scheduled task on checking which ldap users have been deactivated and deactivate them in CS as well? Also, it would be nice to mention "User XYZ could not be added due to missing email (or whatever else is missing)". Have you tried testing this on Windows AD, unfortunately, many enterprises use Microsoft Active Directory. Thank again for improving CloudStack, Regards -ilya > -----Original Message----- > From: Ian Duffy [mailto:i...@ianduffy.ie] > Sent: Friday, July 26, 2013 11:52 AM > To: Sebastien Goasguen; Abhinandan Prateek; CloudStack Dev > Subject: [GSoC] (Screencast/Demo) LDAP user provisioning > > Hi Guys, > > The latest patch I uploaded to review board ( > https://reviews.apache.org/r/12969/ ) brings the "LDAP user provisioning" > project to a "prototype" stage. > > If anybody wants to give feedback the ldapplugin branch should have all > features shown in the screencast once the above patch is shipped. > Support still needs to be added for ldap over SSL, memberof filters and only > show users that exist within ldap but not cloudstack on the add user screen. > > This includes: > - A new plugin for configuring ldap, authenticating against LDAP and getting > a > list of users from LDAP. > - Modified UI > - Global Settings - Global LDAP configuration options. BaseDN, Bind > username, Bind password, etc. > - Global settings -> LDAP Configuration. Lets you add multiple LDAP > servers for failover support. > - Accounts -> Add Account. Brings up a table of LDAP users, lets you > select > one to many LDAP users, set the same domain/network > domain/timezone/etc. for them and create them. > > Quick 2min screencast at > https://www.youtube.com/watch?v=-3LG8wP7Zac&hd=1 showing off these > additions. > > This screencast was created using the embedded LDAP server I added in for > the sake of integration tests. Its based of ApacheDS, and can be started with > > mvn -pl plugins/user-authenticators/ldap ldap:run > > Thanks for all the help! > Ian
