Open gordanyang opened 7 years ago
Yes it is terrible, how unclear everything is. Add this to mapping
<key>mapping</key>
<dict>
<key>loginAllowed</key>
<string>ldap-boolean-field</string>
thanks f1-outsourcing . It works.
This should be documented or at least included in the sample ldap config linked from the FAQ; thanks for the report. The suggestion from @f1-outsourcing is correct.
yes. openldap integration works. my ldap config:
<key>DirectoryService</key>
<dict>
<key>type</key>
<string>ldap</string>
<key>params</key>
<dict>
<key>recordTypes</key>
<array>
<string>users</string>
<string>groups</string>
</array>
<key>uri</key>
<string>ldap://*/</string>
<key>credentials</key>
<dict>
<key>dn</key>
<string>*</string>
<key>password</key>
<string>*</string>
</dict>
<key>rdnSchema</key>
<dict>
<key>base</key>
<string>*</string>
<key>users</key>
<string>cn=admin</string>
<key>groups</key>
<string>cn=admin</string>
<key>locations</key>
<string>cn=admin</string>
<key>resources</key>
<string>cn=admin</string>
<key>addresses</key>
<string>cn=admin</string>
</dict>
<key>mapping</key>
<dict>
<key>loginAllowed</key>
<string>ldap-boolean-field</string>
<key>uid</key>
<array>
<string>cn</string>
</array>
<key>guid</key>
<array>
<string>uidNumber</string>
</array>
<key>shortNames</key>
<array>
<string>uid</string>
</array>
<key>fullNames</key>
<array>
<string>sn</string>
</array>
<key>emailAddresses</key>
<array>
<string>mail</string>
</array>
</dict>
</dict>
</dict>
As of this commit, you don't have to include loginAllowed if you don't want to control whether a user can log in or not via an LDAP attribute:
https://github.com/apple/ccs-calendarserver/commit/a92d8a50669e834af2e4a93b812f0c298379ce1f
ldap can't use... when i open the openldap config in caldavd-test.plist, and copy to caldavd-dev.plist,there has errors in console.
Can't start or connect to postgres: 'ConfigDict' object has no attribute 'loginAllowed' ??