Adding Custom user fields

openldap

#1

Is there a way to add custom fields to users in UMC/UCS/LDAP?
We would like to add a field for “Badge Access ID” and “Assigned Building Key” with the end goal of having our BMS (Building Management System) dip into LDAP and pull this information for granting/denying access to our buildings (BMS will not modify these fields only read them to determine access rights), this would be done via User section in UMC, we have confirmed that the BMS supports LDAP and Active Directory for backend authentication query for Building access. We just need to have the fields for it will look for in LDAP.


#2

You can create Custom and Extended Attributes in UCS. I link the documentation: http://docs.software-univention.de/manual-4.2.html#central:extendedattrs Is that what you search for?


#3

UCS supports creating additional (“extended”) attributes for all object types.

There is documentation on creating extended attributes here: http://docs.software-univention.de/developer-reference-4.2.html#udm:ea

To see existing extended attributes run:
udm settings/extended_attribute list

Or graphically in the UMC:
Domain → LDAP directory
univention → custom attributes
Click an item to edit and see the same object as on the command line or:
Add → "Settings: Extended attribute" to add a new extended attribute.

You will need an LDAP schema. See the documentation on how to create and activate it. I recommend to go the long way of making a Debian package if you plan to maintain this for a long time.