How To
There might be the use case, that some attributes from samba4 should be mapped to Ldap. Other than in this case How-to: AD-Connector - Map Fax-Number (facsimileTelephoneNumber) from AD to LDAP we do not have a matching attribute in ldap and need to use an univentionFreeAttribute:
This example mapps the department Attribute from samba to the univentionFreeAttribute1 in openLdap.
Step 1:
Check for already used univentionFreeAttributes:
root@master:~# univention-ldapsearch -LLL univentionFreeAttribute1=* 1.1
If you get no output here, it is save to use.
Step 2:
Create an extendet attribute for that:
udm settings/extended_attribute create --position "cn=custom attributes,cn=univention,$(ucr get ldap/base)" --set name=department --set shortDescription=Department --set tabName=Contact --set translationTabName="de_DE Kontakt" --set CLIName=department --set mayChange=1 --set multivalue=1 --set module="users/user" --set objectClass=univentionFreeAttributes --set ldapMapping=univentionFreeAttribute1 --set syntax=string
Step 3:
Adjust the s4-connector mapping
root@master:~# cat /etc/univention/connector/s4/localmapping.py
import univention.s4connector.s4.mapping
def mapping_hook(s4_mapping):
s4_mapping['user'].post_attributes['department'] = \
univention.s4connector.attribute(
ucs_attribute='department',
ldap_attribute='univentionFreeAttribute1',
con_attribute='department'
)
return s4_mapping
Now you will find the Attribute in ldap with:
root@master:~# univention-ldapsearch -LLL uid=cscheini univentionFreeAttribute1
dn: uid=cscheini,cn=users,dc=ucs,dc=test
univentionFreeAttribute1: Support
and in samba4
root@master:~# univention-s4search --cross-ncs samaccountname=cscheini department
# record 1
dn: CN=Christina Scheinig,CN=Users,DC=ucs,DC=test
department: Support
Step 4:
Troubleshooting for the Connector:
In the following log File, you could check the S4-Connector-Status and will see which issue is happen.
/var/log/univention/connector-s4-status.log
and the mapping is shown in /var/log/univention/connector-s4-mapping.log