Menu
▾
▴
Re: [webmin-l] LDAP Useradmin 'name' attribute issue
|
From: Jamie C. <jca...@we...> - 2006-02-14 11:01:40
|
On 14/Feb/2006 18:14 Murray Trainer wrote ..
> On Tue, 2006-02-14 at 14:24, Murray Trainer wrote:
> > Hi Jamie,
> >
> > I had a problem in the past creating users because my LDAP server
> > doesn't like the name attribute. I have just had it again and looked
> > into it further. I had a look at a recent Openldap core.schema file
> and
> > think I understand what is going on now. It looks from the snippets
> > below that the attribute 'name' used to be used as the attribute to
> > contain the user's first or given name. The attribute 'givenname' or
> > 'gn' is nowadays used for this purpose. The name is a SUP (superior)
> > objectclass - probably containing all forms of the user's 'name'. This
> > means that 'name' can't be used as an LDAP user attribute. Could you
> > please change the 'name' attribute to 'gn' in the LDAP Users & Groups
> > module. You might need an option to use the old attribute in the module
> > config to stop breaking sites still using the 'name' attribute. I will
> > hack the version of Webmin for now so it's not urgent.
> >
> > Thanks
> >
> > Murray
> >
> >
> >
> > # OpenLDAP Core schema
> > # $OpenLDAP: pkg/ldap/servers/slapd/schema/core.schema,v 1.68.2.6
> > 2005/01/20 17:01:18 kurt Exp $
> > .
> > .
> > .
> > # 2.5.4.41 is defined above as it's used for subtyping
> > #attributetype ( 2.5.4.41 NAME 'name'
> > # EQUALITY caseIgnoreMatch
> > # SUBSTR caseIgnoreSubstringsMatch
> > # SYNTAX 1.3.6.1.4.1.1466.115.121.1.15{32768} )
> >
> > attributetype ( 2.5.4.42 NAME ( 'givenName' 'gn' )
> > DESC 'RFC2256: first name(s) for which the entity is known by'
> > SUP name )
>
> Here are the changes below I did to make it work for me. I think the
> in_schema function doesn't work as intended as it tried to save the name
> attribute even though it wasn't in my schema.
>
> Murray
>
> ldap:/opt/webmin/ldap-useradmin # diff save_user.cgi*
> 650,651c650,651
> < push(@props, "gn", $firstname)
> < if (&in_schema($schema, "gn"));
> ---
> > push(@props, "name", $firstname)
> > if (&in_schema($schema, "name"));
> 705,706c705,706
> < push(@rprops, "gn")
> < if (&in_schema($schema, "gn"));
> ---
> > push(@rprops, "name")
> > if (&in_schema($schema, "name"));
Hi Murray,
That looks like a reasonable patch .. however, I have a question about
that "gn" attribute - which object class is it defined it?
- Jamie
|
