Hi,

We're currently working on a project where we should:

  • Import users from AD
  • Let users login with their AD credentials/session

We import the user accounts through LDAP Feeds and it seems to work well.

About the PUID: we need to implement some logic, cause the PUID is property1 unless property2 is provided. If this is the case, then property2 is the PUID.

My question is: should I replicate that logic in LDAP User mapping (on creation, on synch)? And if yes, how can I do that?

Thanks!

Comments

grahl’s picture

grahl
he/him
Location Zürich
CreditAttribution: grahl as a volunteer commented
Status: Active » Fixed

Hi

So this might be too late for you but just to follow-up: You should not need to repeat that assignment during sync events. The persistent user id is an attempt to assign the correct attribute value for the correct server to a user and it should not need to be changed during operations. Once the LDAP user is loaded the sync operations should just defer to it. Granted I have not verified your case personally but this is the way I believe it should work.

If you had feedback from your project itself maybe you could share it with the community for others having similar issues?

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.