Also, with this, LDAP is treated as second class citizen by not exposing LDAP users to be able to select them for room invites, etc. It would be good to be able to set which field is used to generate what the "local" account is. Some prefer uid (like us) and others like Full Name, some Last, First etc. I do not think this should be forced upon someone to only have it one way. As it is, I need to currently try to remember exactly how the Full name of my users is, in order to invite them to a room, etc. > Mon Sep 11 2017 03:32:47 PM EDT from bennabiy @ Uncensored Subject: Re: >LDAP / Cit-NG > > > >What about a clobber / no-clobber rule. > > > >So to sum up: > >A configuration option only available when LDAP auth is chosen (whether >standard or AD) which has these settings: > * Off - meaning only use LDAP for AUTH, but no VCARD generation > * EMAIL - meaning update EMAIL addresses in user config as well as Auth AT >each login > * FULL - meaning update FULL vCard info at each login as well as Auth > > A second command (does not have to be in webcit, can just be a SENDCOMMAND >or something) which can clear / blank all entries in the user table, or can >poll LDAP to fill in users from LDAP without each user needing to log in. > > > > An option for LDAP to be polled at an interval to check for new changes. > > > > > > Too much? > > >> Mon Sep 11 2017 12:54:47 PM EDT from IGnatius T Foobar @ Uncensored >>Subject: Re: LDAP / Cit-NG >> >> >>>Site configurable, as in whether to bring in all addresses which match the
>> >> >>>citadel configuration? I am not sure what you are thinking when you say >> site >> >>>configurable. As in do you copy the address at all, or at each login, etc? >> >> >>Yes, exactly ... I'm thinking we probably are going to need *one* >>site-configurable setting to tell Citadel Server whether to copy email >>addresses from the directory never, at login, or continually. >> >>I'd prefer not to have to add a configuration setting, but I'm thinking if >>we've got sites out there with lots of locally configured email addresses who >>are only using LDAP to verify the user's password, we'll clobber those >>locally configured addresses if we copy from LDAP. >> >> >> >> > > > > > > >
