On 12/16/2014 03:55 PM, Lukas Slebodnik wrote:
On (16/12/14 15:49), Nikolai Kondrashov wrote:
> Hi everyone,
>
> Reading the sssd-ldap manpage I was struck by how many of the options deal
> with setting various LDAP attribute names. This really makes the manpage
> crowded and hard to navigate.
>
> What if we replace all these options with a single option, accepting a list of
> mappings (e.g. "ldap_attr_map")? We can then put the descriptions and
default
> mappings in a nice table under that single option in the manpage and deprecate
> the separate options.
>
It might be good to see a small example.
Then it would be easier to choose better solution.
How about having space or comma-separated pairs, where former option suffix
would be separated from the attribute name by, say, a colon.
Like this:
ldap_attr_map = user_name:uid user_uid_number:uidNumber group_name:cn
I.e. have "ldap_" suffix removed from attribute mapping option names and the
rest used as key in the map.
Missing entries would mean default mapping.
The new option would take precedence over the old ones it replaces.
One problem is I don't see a syntax for line continuation/wrapping. Without it
the option value line might get too long for complicated mappings.
Do we support line wrapping/continuation syntax in sssd.conf?
Nick