Hi Juergen,
SSGD uses the following search filter to identify the that an
authenticated LDAP "object" is actually a "user".
"(|(objectclass=user)(objectclass=person)(uid=*))"
If this search filter doesn't match then SSGD won't be able to offer
user services for that LDAP object (webtop, printing, launch etc).
As this is clearly not a definitive filter to match all possible user
objects, it been logged as a bug and should be getting addressed in the
next release. I think the plan is to make this filter configurable so
SSGD admins can configure this to match their LDAP installation.
If you are planning to build a directory that meets SSGD's current
requirements then so long as the above filter matches the users in your
directory SSGD should treat them as users and allow them access to user
services.
Hope this helps,
-- DD
Juergen Arndt wrote:
Hello all,
I'd like to connect SSGD 4.40 to an OpenLDAP server. Authentication
works fine, now I want to work with user profiles, which are located
in the LDAP directory.
Unfortunately we used for our LDAP objects other objectclasses than
SSGD expects - for example our users have the objectclass "account",
SSGD seems to look for "person".
Now I'm wondering, is there any documentation which requests SSGD
sends to the LDAP server? It would be very useful to create a new
directory which fits the needs of SSGD (for some reason it's not
possible for us to use the Sun Java Directory Server).
Juergen
_______________________________________________
SGD-Users mailing list
[email protected]
http://www.filibeto.org/mailman/listinfo/sgd-users
