Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / phosphor-dbus-interfaces / e5c0eef46a4fc09256332bf3afe699d60aaebbb3^! / .
commite5c0eef46a4fc09256332bf3afe699d60aaebbb3[log] [tgz]
authorRatan Gupta <ratagupt@linux.vnet.ibm.com>Wed Feb 06 17:58:17 2019 +0530
committerRatan Gupta <ratagupt@linux.vnet.ibm.com>Mon Feb 18 21:43:40 2019 +0530
tree6c2b6dc18c549e494fb43c5db7b9df5d1b1839ee
parent1838fe7365ecd4e867601329f6ae81b852d9d3af [diff]
Add few additional properties in the LDAP config

User can provide these properties to configure the LDAP.

UsernameAttribute:
In certain ldap server userid is "cn" and in other ldap
server it becomes "uid"

GroupNameAttribute:
In certain ldap server groupid is gid and in other ldap
server is PrimaryGroupID etc.

Both properties exist in the LDAP server and admin of LDAP
server can opt for any property to specify the userID
and same is true for other properties(GroupName).

It is aligned with redfish also.
https://redfish.dmtf.org/schemas/AccountService.v1_3_1.json

Change-Id: I3689d03bd80f62cc26fe840a9176875499c87554
Signed-off-by: Ratan Gupta <ratagupt@linux.vnet.ibm.com>

diff --git a/xyz/openbmc_project/User/Ldap/Config.interface.yaml b/xyz/openbmc_project/User/Ldap/Config.interface.yaml
index 6b0a1e5..a0c72e0 100644
--- a/xyz/openbmc_project/User/Ldap/Config.interface.yaml
+++ b/xyz/openbmc_project/User/Ldap/Config.interface.yaml

@@ -41,7 +41,16 @@
           to react differently for AD vs openldap.
       errors:
         - xyz.openbmc_project.Common.Error.InternalFailure
-
+    - name: GroupNameAttribute
+      type: string
+      description: >
+          The value of this property shall be the attribute name
+          that contains the name of the Group in the LDAP server.
+    - name: UserNameAttribute
+      type: string
+      description: >
+          The value of this property shall be the attribute name
+          that contains the username in the LDAP server.
 enumerations:
     - name: SearchScope
       description: >

diff --git a/xyz/openbmc_project/User/Ldap/Create.interface.yaml b/xyz/openbmc_project/User/Ldap/Create.interface.yaml
index ea16928..69c03e6 100644
--- a/xyz/openbmc_project/User/Ldap/Create.interface.yaml
+++ b/xyz/openbmc_project/User/Ldap/Create.interface.yaml

@@ -39,6 +39,16 @@
               OpenLdap. It's just an indication for the LDAP stack running on
               the BMC, in case the app is implemented in such a way that it has
               to react differently for AD vs openldap.
+        - name: GroupNameAttribute
+          type: string
+          description: >
+              Specifies the attribute name that contains the name
+              of the Group in the LDAP server.
+        - name: UsernameAttribute
+          type: string
+          description: >
+              Specifies the attribute name that contains
+              the username in the LDAP server.
       returns:
         - name: path
           type: string