mapping LDAP attributes for new users

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • hi-ko
    Member
    • May 2015
    • 90
    #1

    mapping LDAP attributes for new users

    I installed latest EspoCRM and configured Authentication using LDAP againt Active Directory. So far so good.

    I'm not very happy with the attribute mapping. e.g. username should be mapped to sAMAccountName instead of displayName.
    Is this something which is supported to be configured or do I need to patch php files?
    Would it be possible to store an existing external avantar instead of storing the image as attachment first?

    Thanks in advance

    P.S.: To be able to configure multiple Authentication Mechanisms to work at the same time would be very helpful (e.g. internal, ldap1, ldap2)!
    Tags: authentication, ldap
    • tarasm
      Super Moderator
      • Mar 2014
      • 573
      #2
      Hi,

      Username is mapped to LDAP CN attribute. It was tested on OpenLDAP server.
      The mapping is defined in the file /application/Espo/Core/Utils/Authentication/LDAP.php,
      PHP Code:
      private $fields = array(
        'userName' => 'cn',
        'firstName' => 'givenname',
        'lastName' => 'sn',
        'title' => 'title',
        'emailAddress' => 'mail',
        'phoneNumber' => 'telephonenumber',
    );

      Please, notice if you change this file, it can be overridden by the next upgrade. The best way is contribute code to EspoCRM by improving the code and sending a pull request on github https://github.com/espocrm/espocrm.

      Information about configuring LDAP is described here http://blog.espocrm.com/administrati...n-for-espocrm/
      Last edited by tarasm; 05-08-2015, 09:41 AM.
      Job Offers and Requests

        Comment

        • hi-ko
          Member
          • May 2015
          • 90
          #3
          Thanks for the feedback. I've seen that cn is hardcoded also in Authentication. So the whole mechanism requires some refactoring ...
          A part which is also missing is a sync job to create users in advance and populate group memberships.
          A good example we also use is the LDAP Sync Module for Redmine https://github.com/thorin/redmine_ldap_sync

            Comment

            • hi-ko
              Member
              • May 2015
              • 90
              #4
              Originally posted by tarasm
              Please, notice if you change this file, it can be overridden by the next upgrade. The best way is contribute code to EspoCRM by improving the code and sending a pull request on github
              done: https://github.com/espocrm/espocrm/pull/157

                Comment

                Previous template Next
                Working...