OK, I figured this out on my own... and I feel even less professional and knowledgeable than before. Though, I have learned something, and that's worth something.

For others who may run into this: as long as your LDAP server accepts the extensibleObject attribute (from what I understand, most modern LDAP servers do), there is no need to add anything to the schema: the extensibleObject IS the attribute. So, the script will add the name and answer of the question to the user's entry all by itself.

There is one caveat that I found (and, if I am wrong, or there is an option I am not aware of, someone PLEASE set me straight!): to use this feature and have the ability to save the question/answer pair in the user's LDAP entry, the "$who_change_password" option in the config.inc.php file MUST be manager. Using "user" in this setting will cause an error to occur, and the question/answer pair will not be added to the user's entry.

Alex


On 09/03/2015 02:36 PM, Alex Moen wrote:
The documentation on your website
(http://ltb-project.org/wiki/documentation/self-service-password/latest/config_questions)
has the following comments:

Attribute and object class
Set the attribute in which the answer will be stored:
$answer_attribute = "info";
If the above attribute is not in a standard user object class, configure
the object class to use with this attribute:
$answer_objectClass = "extensibleObject";

I cannot find, anywhere on the web, a schema or LDIF file that contains
"answer_objectclass" as an entry to be added to an LDAP server.
Admittedly, I am not an LDAP expert; I know enough to run a basic system
for authentication, but advanced operations such as creating a new
attribute to add to the schema are beyond my current knowledge.

Is there an LDAP schema that could be added to the ltb-project.org
downloads, that would contain an LDIF to include all of the specialized,
required attributes like answer_objectclass? I am new to the LTB
scripts (I am just starting with ssp), so I don't know if there are any
others that are needed yet...

Or at least have an explanation or process that shows a user how to add
the required attributes to the LDAP server?

If I can get the attribute added, I can figure out how to populate them...

Thanks for any advice!

Alex
_______________________________________________
ltb-users mailing list
[email protected]
http://lists.ltb-project.org/listinfo/ltb-users


--
Alex Moen
NSTII
North Dakota Telephone Company
701-662-6481
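
Added example, not part of the original message and not LTB project code: a sketch of the kind of LDIF modify record that stores an answer using the two settings quoted from the documentation above (`info` and `extensibleObject`), so it can be reviewed or replayed with a manager bind. The function names, the sample DN and the answer value are constructed; the exact value format the script writes is not shown in the message.

```python
import base64

# Values taken from the documentation quoted in the message.
ANSWER_ATTRIBUTE = "info"
ANSWER_OBJECTCLASS = "extensibleObject"


def ldif_line(attr, value):
    """Format one LDIF line; values RFC 2849 disallows in plain form are base64-encoded."""
    raw = value.encode("utf-8")
    safe = (
        all(b < 128 and b not in (0, 10, 13) for b in raw)  # ASCII, no NUL/LF/CR
        and raw[:1] not in (b" ", b":", b"<")               # restricted first characters
        and raw[-1:] != b" "                                # trailing space gets encoded
    )
    if safe:
        return f"{attr}: {value}"
    return f"{attr}:: {base64.b64encode(raw).decode('ascii')}"


def answer_change_record(dn, current_object_classes, answer_value):
    """Build an LDIF modify record that stores answer_value on the entry dn (hypothetical helper)."""
    lines = [ldif_line("dn", dn), "changetype: modify"]
    # Object class names are case-insensitive, and adding a value that is
    # already present is rejected by the server, so add the class only if missing.
    present = {oc.lower() for oc in current_object_classes}
    if ANSWER_OBJECTCLASS.lower() not in present:
        lines += ["add: objectClass",
                  ldif_line("objectClass", ANSWER_OBJECTCLASS), "-"]
    # "replace" overwrites every existing value of the attribute on the entry.
    lines += [f"replace: {ANSWER_ATTRIBUTE}",
              ldif_line(ANSWER_ATTRIBUTE, answer_value), "-"]
    return "\n".join(lines) + "\n"


if __name__ == "__main__":
    # Constructed sample entry and answer value; not taken from the message.
    print(answer_change_record(
        "uid=jdoe,ou=people,dc=example,dc=com",
        ["inetOrgPerson", "top"],
        "Zürich",
    ))
```
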
