Hello Oliver, Thank you for your reply. I am very sorry about the AI-generated configuration in my previous email. That was my mistake, and I fully understand your concern. I will no longer use any AI-generated config when asking questions on the mailing list.
Regarding my issue: I have been reading the documentation on https://openxpki.readthedocs.io/en/master/ but I may have overlooked the relevant part. What I am trying to understand is: How to correctly map LDAP attributes (e.g. firstName, lastName, email) to OpenXPKI user attributes such as userinfo.* for TestAccounts, and how these mapped values can be used in profile presets. If this is already described somewhere in the documentation, could you please let me know where to find it? I would really appreciate even a small pointer, and I apologize again if the information is already there and I simply missed it. Thank you very much for your time, and sorry again for the trouble caused. Best regards, Xiao Han -----Original Messages----- From: "Oliver Welter" <[email protected]> Send time: Thursday, 11/27/2025 14:11:59 To: [email protected] Subject: Re: [OpenXPKI-users] How to use attributes in LDAP as OpenXPKI user attributes Hello, please read the extensive documntation and stop spamming the ML with AI generated config. best regards Oliver On 11/26/25 17:41, HAN Xiao wrote: Dear Developer, I encountered an issue while configuring OpenXPKI: I’m unable to use user attributes from LDAP as user properties in presets or in other parts of the workflow. In detail, my LDAP connection is working and I can log in normally. The configuration is as follows: --stack.yaml-- LDAPAuth: label: LDAP Auth description: Login with LDAP handler: LDAPAuth type: passwd --handler.yaml-- LDAPAuth: type: Connector label: LDAP Login for Users role: User source@: connector:auth.connector.userLDAP attributes: userinfo.email@: "param:email" userinfo.gname@: "param:firstName" userinfo.name@: "param:lastName" --connector.yaml-- userLDAP: class: Connector::Builtin::Authentication::LDAP LOCATION: ldap://xxx.xxx.xx.xx base: ou=users,dc=xxxx,dc=xx,dc=xx binddn: cn=xxxx,ou=users,dc=xxxx,dc=xx,dc=xx password: xxxx debug: 1 verify: none filter: "(email=[% LOGIN %])" attrs: - email - firstName - lastName The LDAP contains the following information that I need: email: [email protected] lastName: Han firstName: Xiao sex: male sn: hanx14 afs: hanx But I don't know how to use it in realm/realm_name/profile/template/ I just do some simple test, like --requestor_gname.yaml-- id: requestor_gname label: I18N_OPENXPKI_UI_PROFILE_REQUESTOR_REALNAME description: I18N_OPENXPKI_UI_PROFILE_REQUESTOR_REALNAME_DESC type: static width: 40 placeholder: John Doe preset: userinfo.gname required: 0 However, in the web UI it shows as <not set>. Additionally, there are a large number of errors in /var/log/openxpki-server/catchall.log and openxpki.log: 2025/11/27 00:09:01 FATAL OpenXPKI::Service::Default->init() failed: I18N_OPENXPKI_TRANSPORT_SIMPLE_CLIENT_READ_CLOSED_CONNECTION [pid=370|sid=OHJK] 2025/11/27 00:09:01 openxpki.system.FATAL OpenXPKI::Service::Default->init() failed: I18N_OPENXPKI_TRANSPORT_SIMPLE_CLIENT_READ_CLOSED_CONNECTION [pid=370|sid=OHJK] I’m not sure if these are related to the issue. I look forward to your help. Thank you! Best regards, Xiao HAN _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users -- Protect your environment - close windows and adopt a penguin! _______________________________________________ OpenXPKI-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openxpki-users
