Tweak on Samba AD Controller and User Admin Interface

Folks, interesting thing came up while integrating Redmine with the AD. As I made a "create on the fly"account, I got a error message from Redmine about the last name and email being blank and the first name had the full name in it. It was easy enough to modify on Redmine but it seems that the Nethserver User Creation interface put the “name” into the “givenName” field on the Active Directory Property variable. Proper AD properties appear to include:

givenName (first name, currently full name appears to be stored there as a whole)
sN (Surname)
mail (email)
title (Job Title)

there are a few more but these might be basic to many offices.

Would be useful (and more Pro looking) for people using the AD authentication to have the first name (givenName), last name (sN), and email (mail) entered and stored in separate fields (perhaps only on AD mode) so they can be used by other systems smart enough to utilize these AD field values. It is cool that other open source programs can make use of these values.

1 Like

Current implement doesn’t honor these fields because we had some limitation imposed by PAM.
Probably we can now rework a little the web interface and the underlying scripts.

1 Like

Okay. While I don’t know the finite details of the PAM process I understand that PAM may not support the fields in the AD structures. May be useful to use your internal database to keep those values and add them into the Samba conf files (or wherever these files are usually stored, haven’t memorized all the properties of the smb.conf file). That would seem to be the logical way to do it if Nethserver is in AD mode. Allows easier separation. at least that would be my approach. (need to find time to get into more dev stuff)

1 Like

I have had the same issue with moodle when I did the Ldap authentication, indeed moodle is waiting at least that email, firstname and surname are filled automatically by ldap. If it is not the case, then moodle stops and displays the missing fields. I workaround the problem by a trick, however it should be better if each field gets its value.

I’ve found this nice link

http://www.rlmueller.net/Name_Attributes.htm

Hm…what about this one:

http://www.kouti.com/tables/userattributes.htm

This may be useful too:

https://msdn.microsoft.com/en-us/library/ms675090(v=vs.85).aspx

1 Like