Le 04/10/2017 à 13:57, Shawn McKinney a écrit : >> On Oct 4, 2017, at 2:25 AM, Radovan Semancik <[email protected]> >> wrote: >> >> The problem is that there is no standard way how to disable a user in LDAP. >> Some LDAP servers have proprietary attributes for this. And some servers >> (such as OpenLDAP) have no good way to do this at all. Therefore there the >> studio has to support many algorithms and it may even need custom extensions >> to support this properly. > I wouldn’t characterize adherence to an expired IETF draft — proprietary. > The main problem is LDAPv3 doesn’t include pw policies and the communities > (us) have never bothered to ratify an extension as standard. > > I’d suggest there could be coverage of a limited set of servers. > > For example fortress supports extensions common to openldap and apacheds and > studio could as well.
Actually, all those considerations are useless. As I said in another mail, Studio does not have to knwo anything about the semantic of what characterises a 'disabled' user : we just need to associated a filter (that the Studio users will configure to fit their need) to a presentation handler, leveraged by the Browser plugin when drawing an entry. Simple, context-free, and does not take care of non-standard dead draft that are not implemnted properly by many servers... -- Emmanuel Lecharny Symas.com directory.apache.org
