[freeside] ldap export

Kristian Hoffmann khoff at pc-intouch.com
Sat Feb 28 20:01:30 PST 2004


I've been thinking about using the LDAP export instead of exporting to the
passwd/shadow files.  I didn't know that export was incomplete.  I'll see
if I can finish it up.

-Kristian


On Fri, 27 Feb 2004, Dan Bethe wrote:

> Hi all.  Thanks to Ivan and all other freeside contributors for such a great
> app.
>
> I'm interested in seeing the basic completion of the LDAP export in Freeside.
> The current state is that the code hasn't changed since freeside 1.4.1, which
> is what I'm using, and it only does adding but no modification or deletion.
> I'm not a programmer but if you're interested in contributing code or a cash
> pledge for code, read on.
>
> Here are some brief notes on how to minimally configure the LDAP export,
> assuming that you have a functional openldap server with 'ou=Customers' on your
> tree in which to place all new user accounts and have enabled the appropriate
> schemata.
>
>                o rootdn: cn=root,dc=yourisp,dc=com
>                o userdn: ou=Customers,dc=yourisp,dc=com
>                o attributes
>                     # add 'posixAccount,shadowAccount,organizationalPerson' to
> objectClass
>                     # homeDirectory /home/$username
>                     # userPassword $crypt_password
>                     # uidNumber $uid
>                     # gidNumber $gid
>                     # cn $first $last
>                     # givenName $first
>
> Here is a list of functionality that is not presently implemented.  I'm pretty
> sure this is all of it, from what I can tell by clicking on all management
> functions.
>
> * customer view
>     * account suspension (ldap replace unimplemented)
>     * cancel (ldap delete unimplemented)
>     * unprovision (ldap delete unimplemented)
>     * add/edit packages (ldap replace unimplemented)
>
> And I don't know if there are more variables with which to create new ldap
> attributes.
>
> Ivan says that the export interfaces are reasonably isolated, and that
> obviously enough of the framework exists that a given competent object oriented
> perl programmer would be able to complete the whole thing in perhaps a few
> hours.  I don't know how long it'd take you to grok freeside itself, and all of
> this is simply an arm waving guesstimate.  Ivan has no interest in direct
> engineering, but will gladly accept patches in a heartbeat.
>
> Does anyone here happen to have a functional LDAP interface that you haven't
> committed to Ivan yet?  Perhaps you've done it for a client or employer who you
> could ask for the liberation of your work.  Is anyone else willing to pledge
> cash for its expedient completion?  I'm in a time crunch this time around, but
> I'll have more Freeside deployments over time so I'll revisit this as well.  I
> can pledge a reasonable lump sum for a few hours' work.  If any of the above
> applies to you, please post here or email me and I'll summarize to the list.
>
> Thanks!
>
> __________________________________
> Do you Yahoo!?
> Get better spam protection with Yahoo! Mail.
> http://antispam.yahoo.com/tools
>




More information about the freeside-users mailing list