Add support for ldap controls

LDAP connections to server support different types of controls. Eg. there is a edirectroy control for supporting simple passwords via LDAP:


'2.16.840.1.113719.': ('2.16.840.1.113719.', OID_CONTROL, 'Simple password', 'NOVELL'),


Other controls are available for getting a server side sorted list back from LDAP searches, using persistent searches and so on.


Please add a option for LDAP connections to set a list of active controls for the connection.

We have a IDM environment where set synchronize simple passwords, but we are not able to create a Validator test for that because we cannot enable the LDAP control for that connection.


A ldif file could look like this to enable the control and set the universal password as a hash value:

dn: cn=XXXX,ou=USER,ou=ROAM,o=XXXX

control: 2.16.840.1.113719.

changetype: modify

replace: userPassword

userPassword: {md5}HM1L3x9FtNeOnQvpto3Iuw==





2 votes
Idea No. 52