Le 04/10/2017 à 13:47, Lothar Haeger a écrit : > Radovan Semancik wrote: > >> The problem is that there is no standard way how to disable a user in >> LDAP. Some LDAP servers have proprietary attributes for this. And some >> servers (such as OpenLDAP) have no good way to do this at all. Therefore >> there the studio has to support many algorithms and it may even need >> custom extensions to support this properly. > A general solution (solving a lot of other use cases as a side effect) would > be > to implement a generic color/font/format coding feature. Let users define ldap > searches and assign formatting styles to those objects that match. Could be > strikethrough font, font/background color, object icon, watever. > > In a second step, pre-defined filter/formatting sets implementing common > useful > scenario's (like the one Graham posted) could be delivered with Studio so user > can just enable them if needed. Those delivered sets would also double as > example code and templates for custom needs.
That could work. Note that the user would just have to define a filter to match entries, something like : (&(objectClass=posixAccount)(|pwdAccountLockedTime=*)) which will be valid if the entry is a PosixAccount and the account is locked (that is when you use passwordPolicy). We can imagine other filters, typically when working with AD. The logic would be to associated such a filter to a entry handler in charge of the entry presentation (color, police, style, etc) so that when the browser expose the entries, it calls the handler and knows what to do accordingly to the filter. | Not that complicated to implement, but it requires a bit of work. If someone wants to give it a try, we would be very please to add this code to the server ! -- Emmanuel Lecharny Symas.com directory.apache.org
