I've mailed the ConnId User list to continue this topic: https://groups.google.com/forum/?fromgroups=#!topic/connid-dev/oMeeLOzaOeQ
Colm. On Wed, Nov 7, 2012 at 11:51 AM, Emmanuel Lécharny <[email protected]>wrote: > Le 11/7/12 12:16 PM, Fabio Martelli a écrit : > > Il giorno 07/nov/2012, alle ore 11.44, Emmanuel Lécharny ha scritto: >> >> Le 11/7/12 11:15 AM, Francesco Chicchiriccò a écrit : >>> >>>> On 07/11/2012 10:48, Fabio Martelli wrote: >>>> >>>>> Il giorno 07/nov/2012, alle ore 10.35, Colm O hEigeartaigh ha scritto: >>>>> >>>>> Hi Fabio, >>>>>> >>>>>> Thanks for the reply. Just to clarify: we have no way of importing >>>>>> passwords into Syncope from users stored in an LDAP backend that >>>>>> isn't Sun Directory Server Enterprise Edition? Could you expand on >>>>>> the reasons for this if so? >>>>>> >>>>> Hi Colm, >>>>> actually the reason is not so clear to me as well: the current ldap >>>>> connector implementation is the original provided by Sun Microsystems. >>>>> We can take a look at the sources to investigate a possible >>>>> refactoring. >>>>> >>>>> If you would take care of this, please check it out >>>>> at >>>>> https://code.google.com/p/**connid/source/checkout<https://code.google.com/p/connid/source/checkout> >>>>> . >>>>> >>>> ...you mean >>>> https://connid.googlecode.com/**svn/bundles/ldap/trunk<https://connid.googlecode.com/svn/bundles/ldap/trunk> >>>> >>>> In my opinion we should first investigate what gets actually passed by >>>> the connector to Syncope for password: need to debug/break or put some >>>> additional logging statement somewhere in Syncope to actually obtain >>>> something useful... >>>> >>> whith code like that : >>> >>> String entryDN = authnObject.** >>> getAttributeByName("entryDN").**getValue().get(0).toString(); >>> >>> you can be sure that it will work with SunDS only : the entryDN >>> attributeType is specific to SUN servers... >>> >> Exactly what I expected. >> If you think we have a common way to retrieve such information we can >> move the discussion on connid dev ML in order to discuss the ldap connector >> refactoring. >> > > The entry DN should *not* be taken from one of the entry attribute. This > is an operationnal Attribute, which is intended to be used to allow > searches based on the entry's DN (see RFC 5020). Expecting this value to be > present is just plain wrong. > > The entry's DN shoudl be available directly as a part of the entry, but > not as an Attribute. > > > > -- > Regards, > Cordialement, > Emmanuel Lécharny > www.iktek.com > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
