How-to: Configure ssh pub key as user editable attribute in self service

DirkS · May 3, 2022, 12:48pm

How to Configure ssh pub key as user editable attribute in self service

Environment

UCS 4.4 or UCS 5
Self Service installed in domain (if not install via appcenter)

Configure ssh pub key as user editable attribute in self service

Step 1: Configuration of extended Attribute

Via UMC:
Log into UMC and open LDAP Directory in the domain category and browse to univention → custom attributes:

Bildschirmfoto von 2022-05-03 13-14-09

Create a new custom attribute by clicking ADD and choose “settings: extended attribute”. Then configure as shown (you can change the descriptions text and translation language; I only present necessary values, feel free to configure other also.)
Bildschirmfoto von 2022-05-03 13-39-17

or via udm on the command line:

udm settings/extended_attribute create --position "cn=custom attributes,cn=univention,$(ucr get ldap/base)"\
 --set CLIName=SSH_PubKey\
 --set copyable=0\
 --set name="sshPubKey"\
 --set module=users/self\
 --set module="users/user"\
 --set syntax="string"\
 --set multivalue=1\
 --set mayChange=1\
 --set objectClass=univentionFreeAttributes\
 --set ldapMapping=univentionFreeAttribute16\
 --set longDescription=SSH_Publick_Key\
 --set shortDescription='"de_DE" "SSH_PubKey"'

Step 2: Configure Self Service attributes:

ucr set self-service/udm_attributes="$(ucr get self-service/udm_attributes),SSH_PubKey"
ucr set self-service/ldap_attributes="$(ucr get self-service/ldap_attributes),univentionFreeAttribute16"
systemctl restart univention-management-console-server.service

DirkS · May 4, 2022, 6:14am