Best Practice: add custom LDAP attributes

Scenario

We want to add some information into the LDAP but there is no fitting LDAP attribute to add it to. For example we might want to add the license plate number of a users car to a user object. There is no fitting attribute in the basic UCS.

Recommendation

We could add such a value in the same way as all other LDAP attributes are also added, by adding the schema information to the OpenLDAP server slapd. This however would not add the attribute to UDM or the UMC, so we could not edit it in the Web interface without further changes. The alternative is to use the extended attributes that are integrated in UCS.

There are 20 attributes already reserved for customer extensions (univentionFreeAttribute1 … univentionFreeAttribute20). You can find further information on them in the manual. More details can be found in the developer manual, if you need even more flexibility.

Extendes attributes can also be managed in the UMC.

Further Reading

Questions?

If you’re not sure whether the recommendations will fit into your scenario, please ask your Professional Services contact person, or create a new topic referencing this article.

Mastodon