I'm trying to setup a 389 Directory Server for special use case in authenticating for a website and holding special attributes that are not already predefined (out of the box).
The installation and initial configuration was a breeze, but I'm unsure of exactly how to get my custom (user defined) attributes to be associated with new users added to a specific group. Here is what I did, but I realize there may be something fundamentally wrong with how I did it since it doesn't work.
In the 389 DS admin console for the directory server, I added user defined attributes to the configuration/schema/attributes. Attribute is called "agencyid", although there will be many more in the end. I also added it to part of an "agent" object class.
Since that is part of the schema now, I thought I could just assign the attributes to a new OU when under the Directory tab. The problem is, I cannot see the attribute when under advanced properties and clicking "add attribute."
Also, while I haven't gotten to this point yet, it is worth asking. If I was going to have customer support people enter in this custom data on some sort of form -- meaning this has nothing to do with NT or Posix authentication or typical out-of-the-box attributes, what would be a good tool to use that I could easily customize for this purpose? There are a lot of LDAP type administration tools, but some of them don't seem entirely flexible in being able to customize to allow administration of only those attributes that I desire them to associate with a user.
Thank you!
---------- Post added at 03:17 PM ---------- Previous post was at 09:49 AM ----------
I think I kind-of figured part of my question out in the 389 DS Admin console. Hopefully this will help someone else, also.
When you first create new user-defined attributes, then create an object class that contains them, you may then create a new "other" object and select the object class you created.
So I now figured out how to populate the database/directory with new attributes. However, I still need to figure out what the best interface would be to create new objects containing those attributes without things being confusing for the end user. Any suggestions from anyone?
Thanks
The installation and initial configuration was a breeze, but I'm unsure of exactly how to get my custom (user defined) attributes to be associated with new users added to a specific group. Here is what I did, but I realize there may be something fundamentally wrong with how I did it since it doesn't work.
In the 389 DS admin console for the directory server, I added user defined attributes to the configuration/schema/attributes. Attribute is called "agencyid", although there will be many more in the end. I also added it to part of an "agent" object class.
Since that is part of the schema now, I thought I could just assign the attributes to a new OU when under the Directory tab. The problem is, I cannot see the attribute when under advanced properties and clicking "add attribute."
Also, while I haven't gotten to this point yet, it is worth asking. If I was going to have customer support people enter in this custom data on some sort of form -- meaning this has nothing to do with NT or Posix authentication or typical out-of-the-box attributes, what would be a good tool to use that I could easily customize for this purpose? There are a lot of LDAP type administration tools, but some of them don't seem entirely flexible in being able to customize to allow administration of only those attributes that I desire them to associate with a user.
Thank you!
---------- Post added at 03:17 PM ---------- Previous post was at 09:49 AM ----------
I think I kind-of figured part of my question out in the 389 DS Admin console. Hopefully this will help someone else, also.
When you first create new user-defined attributes, then create an object class that contains them, you may then create a new "other" object and select the object class you created.
So I now figured out how to populate the database/directory with new attributes. However, I still need to figure out what the best interface would be to create new objects containing those attributes without things being confusing for the end user. Any suggestions from anyone?
Thanks