Add support for ldap controls
LDAP connections to server support different types of controls. Eg. there is a edirectroy control for supporting simple passwords via LDAP:
'2.16.840.1.113719.1.27.101.5': ('2.16.840.1.113719.1.27.101.5', OID_CONTROL, 'Simple password', 'NOVELL'),
Other controls are available for getting a server side sorted list back from LDAP searches, using persistent searches and so on.
Please add a option for LDAP connections to set a list of active controls for the connection.
We have a IDM environment where set synchronize simple passwords, but we are not able to create a Validator test for that because we cannot enable the LDAP control for that connection.
A ldif file could look like this to enable the control and set the universal password as a hash value:
dn: cn=XXXX,ou=USER,ou=ROAM,o=XXXX
control: 2.16.840.1.113719.1.27.101.5
changetype: modify
replace: userPassword
userPassword: {md5}HM1L3x9FtNeOnQvpto3Iuw==
Rainer