LDAP Attributes at Login (e.g. givenName -> PROP_FIRSTNAME)

Question asked by dtmiller1976 on Jul 28, 2008
Hi all. I posted this to the Configuration forum but I thought perhaps it would be more appropriate for one of the development forums.  I apologize in advance if anyone is now reading this for the second time…

Here's the situation:  I'm trying to find a way to automatically create user home directories based on LDAP attributes such as Last Name, Organization, etc.

I was able to configure UID-based directory creation using the "UIDBasedHomeFolderProvider" bean. I now want to automatically create home directories based on OTHER attributes in LDAP. To that end, I created another HomeFolderProvider class called "NameBasedHomeFolderProvider". It creates a folder name from the "PROP_FIRSTNAME" and "PROP_LASTNAME" properties.  The problem is that these are not correctly set unless I do a full LDAP synchronize, which I want to avoid.

What would ideally happen is some kind of attribute mapping at initial login time so the above properties would be set correctly and I could use them. Unfortunately I can't figure out where this could be configured (if at all).

Is an LDAP synchronize operation the only way to map LDAP attributes?  What happens if a user tries to log in before synchronization has completed (or begun)?  In that case, a home space would be created that would later need to be changed.  Would a conflict arise during the sync operation?

Thanks in advance for any help,