Odoo Addons (MOVED TO GITHUB)

auth_ldap to import additional fields from ldap

Bug #1172049 reported by Ian Beardslee
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
Odoo Addons (MOVED TO GITHUB)
Confirmed
Wishlist
OpenERP R&D Addons Team 1

Bug Description

There are a number of fields related to a user that could be imported from LDAP when a user logs in such as their photo, phone numbers etc. Before I get carried away creating a patch/branch for this, there are a couple of other things worth considering ..

1/ Any other fields worth adding? Other people will have more LDAP fields than we do. At this point we haven't really considered adding more fields than already exists for the current user/partner set up, but it is doable.

2/ If there are more fields to be added, should there be some way of selecting/mapping those values you'd want to import? Different LDAP -> OpenERP Mappings?

3/ Internally we want to be able to update information from LDAP (on login), eg phone number changes (stop people changing their names), or retroactively add those details to users existing before this patch. Should that be a general update all information from LDAP .. or selected fields only?

We have tested that a plain import of additional fields is simple and have it working on our internal test systems by making changes to addons/auth_ldap/users_ldap.py (def map_ldap_attributes ~line 163). eg ..

    values = { 'name': ldap_entry[1]['cn'][0],
               'email': ldap_entry[1]['mail'][0],
               'phone': ldap_entry[1]['telephoneNumber'][0],
               'mobile': ldap_entry[1]['mobile'][0],
               'image': ldap_entry[1]['jpegPhoto'][0].encode('base64'),
               'login': login,
               'company_id': conf['company']
               }

This is more of a wishlist/enhancement than a bug.

Revision history for this message
Stefan Rijnhart (Opener) (stefan-opener) wrote :

+1 for a configurable attribute/field mapping

Revision history for this message
Amit Parik (amit-parik) wrote :

Its good improvement.

@lan : Thats really good that you will provide the fix/branch .

Thank you!

Changed in openobject-addons:
assignee: nobody → OpenERP R&D Addons Team 1 (openerp-dev-addons1)
importance: Undecided → Wishlist
status: New → Confirmed
Revision history for this message
Jan Jurkus (jjurkus) wrote :

I think it's wise to be able to configure the LDAP to OpenERP mappings, not everybody is using the same setup. There are probably also differences between AD and OpenLDAP, for instance.

How would you update information from LDAP? Of course I can force this by deleting the user, but this is not really useful in a production environment. Selecting the fields to be overwritten by LDAP seems like a good idea.

A simple table like this should do the trick:
OpenERP property - LDAP property - overwrite
email - mail - check box ticked
add item..

Wish I could program this!

Revision history for this message
Jan Jurkus (jjurkus) wrote :

Someone might also want to look at this module: https://www.openerp.com/apps/7.0/users_ldap_populate/

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.