Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!

LDAP plug-in allows variable substitution Network
I was gob-smacked to discover that the current version (1.6.2) of the LDAP plug-in for Directory Access supports variable substitution in its LDAP mappings! This wasn't the case with the plug-in not so long ago, so I don't know exactly when that was updated, but I'm guessing only an update ago or so.

We've been plotting a roll out of OS X with Active Directory (AD) authenticaion and roaming/network home folders (on an XServe) for all users but were having problems finding AD attributes to borrow for the three essential User attributes, viz UID, HomeDirectory and NFSHomeDirectory. Now, though UID is solvable one way or another, the two Home Directory attributes were causing some problems. Either we extended the company's global MS AD schema, or borrowed some unused attributes. No longer! We can static map them with Variable Substitution! For example:

  • HomeDirectory maps to: #afp://HOMESERVER/Homes$sAMAccountName$
  • NFSHomeDirectory maps to #/Network/Servers/HOMESERVER/Homes/$sAMAccountName$
Here's a useful reference if this is all gibberish: MacDevCenter article on LDAP and OS X. Now to see if the AD plugin has been improved to the point where we can use that instead...
    •    
  • Currently 1.00 / 5
  • 1
  • 2
  • 3
  • 4
  • 5
  (1 vote cast)
 
[6,358 views]  

LDAP plug-in allows variable substitution | 4 comments | Create New Account
Click here to return to the 'LDAP plug-in allows variable substitution' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
LDAP plug-in allows variable substitution
Authored by: alan-trewartha on Jun 09, '04 06:45:04AM
apparently it was 10.3.3 in March when this updated. also CORRECTION due to forgetting to escape <

HomeDirectory maps to: #afp://HOMESERVER/Homes$sAMAccountName$

[ Reply to This | # ]

LDAP plug-in allows variable substitution
Authored by: alan-trewartha on Jun 09, '04 06:45:44AM
apparently it was 10.3.3 in March when this updated. also CORRECTION due to forgetting to escape <

HomeDirectory maps to: #<home_Dir><url>afp://HOMESERVER/Homes</url><path>$sAMAccountName$</path></home_Dir>

[ Reply to This | # ]

LDAP plug-in allows variable substitution
Authored by: dwestcott on Jun 09, '04 07:45:24AM
Variable support in the LDAP plugin started to appear from OSX 10.2.2

The guy who worked on this stuff put some documentation up here:
http://homepage.mac.com/dansinema/




[ Reply to This | # ]
LDAP plug-in allows variable substitution
Authored by: alan-trewartha on Jun 09, '04 09:31:21AM

Yes, I tried that plugin, but we'd moved to 10.3 by then, and Dan (to my knowledge) never updated it from 10.2 to work with 10.3. Meanwhile the Apple plugin with 10.3 didn't support variable substitution until 10.3.3, which came out a few months ago.



[ Reply to This | # ]