I understand, I guess do the best you can, sorry you are losing office space, if would've have been in NYC, we could have helped you with it :)
I've also sent an email asking for help with scheduled tasks, perhaps someone can respond. Regards ilya > -----Original Message----- > From: Ian Duffy [mailto:i...@ianduffy.ie] > Sent: Friday, July 26, 2013 1:10 PM > To: dev@cloudstack.apache.org > Subject: RE: [GSoC] (Screencast/Demo) LDAP user provisioning > > Hi llya, > > Apologies in advanced for lack of formatting, currently replying from mobile. > > Those UI features are present in 4.2 under LDAP configuration within global > settings as far as I am aware. They are buggy if I remember correctly. > > For deactivating users I haven't looked into it yet and have not sent out an > email asking for help on creating a scheduled task. It is not included within > the project proposal so I was leaving it as a 'if I have time at the end' > type of > thing. I lose office space and a decent internet connection come august 20th > so I'm pushing to get all proposed features done before then. > > Check out 1:25 such messages exist. > > Yes has been tested against Apache DS, openldap and active directory. I'm a > little worried about implementing a member of filter, I've yet to figure out > how to enable that in openldap, active directory has it by default thankfully. > You'll need to set your LDAP attributes for active directory within global > settings, by default they are at POSIX compliant ones... So.. > User object to user username to samAccountName. > On 26 Jul 2013 17:20, "Musayev, Ilya" <imusa...@webmd.net> wrote: > > > Ian > > > > Watched screencast and you did an amazing job! I want to backport this > > into my customized 4.1 cloudstack edition called cloudsand. CloudSand > > is a hybrid of CloudStack stable version with some urgently needed > > features pulled from master to speed up cloudstack adoption by > > enterprises. The work you do on LDAP will be a great addition! > > > > With that said, I have few questions: > > > > Back several months aqgo, I recall some work done on LDAP where a > > patch was introduced to configure LDAP through UI. Not in Global > > Settings like you did for basedn, but in separate window where you > > defined hostname and port. Would you know what happened to that? > > Where do you stand with scheduled task on checking which ldap users > > have been deactivated and deactivate them in CS as well? > > Also, it would be nice to mention "User XYZ could not be added due to > > missing email (or whatever else is missing)". > > Have you tried testing this on Windows AD, unfortunately, many > > enterprises use Microsoft Active Directory. > > > > Thank again for improving CloudStack, > > > > Regards > > -ilya > > > > > > > -----Original Message----- > > > From: Ian Duffy [mailto:i...@ianduffy.ie] > > > Sent: Friday, July 26, 2013 11:52 AM > > > To: Sebastien Goasguen; Abhinandan Prateek; CloudStack Dev > > > Subject: [GSoC] (Screencast/Demo) LDAP user provisioning > > > > > > Hi Guys, > > > > > > The latest patch I uploaded to review board ( > > > https://reviews.apache.org/r/12969/ ) brings the "LDAP user > > provisioning" > > > project to a "prototype" stage. > > > > > > If anybody wants to give feedback the ldapplugin branch should have > > > all features shown in the screencast once the above patch is shipped. > > > Support still needs to be added for ldap over SSL, memberof filters > > > and > > only > > > show users that exist within ldap but not cloudstack on the add user > > screen. > > > > > > This includes: > > > - A new plugin for configuring ldap, authenticating against LDAP > > > and > > getting a > > > list of users from LDAP. > > > - Modified UI > > > - Global Settings - Global LDAP configuration options. > > > BaseDN, > > Bind > > > username, Bind password, etc. > > > - Global settings -> LDAP Configuration. Lets you add > > > multiple > > LDAP > > > servers for failover support. > > > - Accounts -> Add Account. Brings up a table of LDAP users, > > > lets > > you select > > > one to many LDAP users, set the same domain/network > > > domain/timezone/etc. for them and create them. > > > > > > Quick 2min screencast at > > > https://www.youtube.com/watch?v=-3LG8wP7Zac&hd=1 showing off > these > > > additions. > > > > > > This screencast was created using the embedded LDAP server I added > > > in for the sake of integration tests. Its based of ApacheDS, and can > > > be started > > with > > > > > > mvn -pl plugins/user-authenticators/ldap ldap:run > > > > > > Thanks for all the help! > > > Ian > > > >
