I am trying to authenticate and then authorize against my campus LDAP.
I want to use a user attribute to perform simple authorization. Our ldap has an attirbute:
Definition: Relationship with the University
Data Source: presence or absence in identity provisioning data
LDAP Presence: all
Example Data: student, registered, umail
LDAP objectClass: campusPerson
I may be bastardizing something here in Server Setup 2.x-dev settings page. If I tell it to about group information using this field ... a valid test user returns the example attached.
It looks like LDAP sees membership as Student and Umail, Great!
.... can I somehow transform this into a Drupal "Student" role I create. I can't figure out how to do this. So far as I can tell its not a value of the users DN returned upon a search (search DN is just o=campus).