AnsweredAssumed Answered

Home Space based on LDAP Attributes

Question asked by dtmiller1976 on Jul 26, 2008
Latest reply on Sep 11, 2008 by andy
Hi all.  I'm trying to find a way to create user home directories automatically NOT based on UID and I could use some help.  Here's the situation:

We've got LDAP authentication working successfully against our OpenLDAP server.  I was able to configure UID-based directory creation using the "UIDBasedHomeFolderProvider" bean.  I want to automatically create home directories based on OTHER attributes in LDAP, for example first name (givenName), last name (sn), and organization.  To that end, I created another HomeFolderProvider class called "NameBasedHomeFolderProvider".  It creates a folder name from the "PROP_FIRSTNAME" and "PROP_LASTNAME" properties, but I quickly found that these were not correctly set.  (The class did work, however, and confirmed the ability to customize folder names.  All that is missing is the correct LDAP attributes.)

I want to avoid a full LDAP synchronization because we have a large number of users in LDAP and I don't want to add data from all of them into Alfresco.  What would ideally happen is some kind of attribute mapping at initial login time so the above properties would be set correctly and I could use them.  Unfortunately I can't figure out where this could be configured (if at all).

Is an LDAP synchronize operation the only way to map LDAP attributes?  What happens if a user tries to log in before synchronization has completed (or begun)?  In that case, a home space would be created that would later need to be changed.  Would a conflict arise during the sync operation?

I've searched the forums extensively and the closest I've gotten is the Wiki entry on LDAP configuration.  Unfortunately that only covers synchronization (import), but I'd really like to avoid that if at all possible and instead grab the necessary attributes at login time.

Thanks in advance for any help,