On Tue, 2014-04-22 at 17:16 +0200, Jakub Hrozek wrote: > On Tue, Apr 22, 2014 at 05:12:58PM +0200, Jan Pazdziora wrote: > > On Tue, Apr 22, 2014 at 02:21:58PM +0000, Simo Sorce wrote: > > > > Also, this approach wouldn't work well with respect to multiple domains > > > > with different schemas. > > > > > > > > Jan's proposal, which I like, was to change the ldap_user_extra > > > > attribute syntax from: > > > > ldap_user_extra_attrs = ldap_attr_name1, ldap_attr_name2 > > > > > > > > to: > > > > ldap_user_extra_attrs = ldap_attr_name1:sysdb_attr_name1, > > > > ldap_attr_name2:sysdb_attr_name2 > > > > > > > > The sysdb_attr_name would not be mandatory, if the sysdb name was > > > > omitted, > > > > then the back end would save the attribute verbatim. > > > > > > > > If there was a conflict between the name the user chose (or the original > > > > LDAP attribute name), the SSSD would throw an error. > > > > > > I like this a lot, please do it. > > > > > > Although I wonder, should the order be the reverse ? > > > I think of it as assignments so mentally I would visualize them as: > > > ldap_user_extra_attrs = internal_name_1:ldap_name_1, > > > internal_name_2:ldap_name_2 > > > > How about > > > > ldap_user_extra_attrs = internal_name_1=ldap_name_1, > > internal_name_2=ldap_name_2 > > > > then? > > I need to check if this would fly well with libini which uses '=' as the > key/value separator.
I prefer ':' as separator. Simo. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
