Re: Schemas, filters, attributes and values

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On 06/07/16 14:26, Ludwig Krispenz wrote:


On 07/06/2016 02:12 PM, Mitja Mihelič wrote:

Hi!
We would like to connect our services to 389DS. Each user would have an attribute that would determine their quota for each service. We have a registered space within the OID tree for our organization and the attributes would go there. For for the quota attribute I was thinking multivalue. Something like (numbers and names are arbitrary): 
userQuota:
  mail:500
  ftp:20
  webapp1:30
  webapp2:35
The service would request the attribute and then parse out its own value. All nice and good for our in-house apps.
There is a problem, when a service like dovecot expects the value to be a number. Then, as we tested, the multivalue idea does not work.
Is there a way to use the filters so a query returns only the number (500 from mail:500)? 
which attribute does dovecat request ?
Dovecot requests whichever attribute we configure it to use in dovecot-ldap.conf.ext. But the returned value must be a number.
if it requests userQuota you would have to return all values, and if you strip the qualifier and only return (500,20,30,35) how would the app know what is what ?
If userQuota is a multivalue attribute then there must be qualifiers present. There is no sense in having values that cannot be matched to a service. Dovecot would probably only use the first number it got returned and ignore the rest. Or fail altogether. I saw no sense in testing this.
With quantifiers, in an app that is maintained by us that would present no problem. The app would get all values and parse out the the value for its own quota.
and if you write a plugin to return a single value, how would it know to return the number for mail and not ftp ?
That I do not know, which is the reason why I am asking for help. I was thinking the plugin could return the right value based on the bind DN or on the origin server. 
I think the closet you could get is using tags:
userQuota;mail: 500
userQuota; ftp: 20
userQuota;webapp1: 30
userQuota;webapp2: 35

Could you explain what you mean by that? I am not familiar with 389DS tags.

Kind regards,
Mitja



Could it be done with 389DS plugins?

Kind regards,

--
Mitja Mihelič
ARNES, Tehnološki park 18, p.p. 7, SI-1001 Ljubljana, Slovenia
tel: +386 1 479 8800, fax: +386 1 479 88 99
--
389-users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx 


--
389-users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://lists.fedoraproject.org/admin/lists/389-users@xxxxxxxxxxxxxxxxxxxxxxx
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux