Validator

Add support for ldap controls

LDAP connections to server support different types of controls. Eg. there is a edirectroy control for supporting simple passwords via LDAP:

 

'2.16.840.1.113719.1.27.101.5': ('2.16.840.1.113719.1.27.101.5', OID_CONTROL, 'Simple password', 'NOVELL'),

 

Other controls are available for getting a server side sorted list back from LDAP searches, using persistent searches and so on.

 

Please add a option for LDAP connections to set a list of active controls for the connection.

We have a IDM environment where set synchronize simple passwords, but we are not able to create a Validator test for that because we cannot enable the LDAP control for that connection.

 

A ldif file could look like this to enable the control and set the universal password as a hash value:

dn: cn=XXXX,ou=USER,ou=ROAM,o=XXXX

control: 2.16.840.1.113719.1.27.101.5

changetype: modify

replace: userPassword

userPassword: {md5}HM1L3x9FtNeOnQvpto3Iuw==

 

Rainer

Tags

Voting

2 votes
Idea No. 52