Q&A: Can I synchronize other attributes from ldap to mail attribute in samba by the S4-Connector

scheinig · February 13, 2025, 8:37am

Question:

From the LDAP, the mailPrimaryAddress field is synchronized to Samba in the “mail” field.
Is there a way to synchronize the univentionPasswordSelfServiceEmail field from LDAP to Samba instead of the mailPrimaryAddress and thus influence the mapping?

Answer:

Yes, you need to overwrite the existing mapping with the localmapping

root@master:~# cat /etc/univention/connector/s4/localmapping.py
import univention.s4connector.s4.mapping

def mapping_hook(s4_mapping):
        s4_mapping['user'].post_attributes['mail'] = \
                univention.s4connector.attribute(
                        ucs_attribute='PasswordRecoveryEmail',
                        ldap_attribute='univentionPasswordSelfServiceEmail',
                        con_attribute='mail',
                        single_value=True,
                        reverse_attribute_check=True
                )
        return s4_mapping

And you also have to include mailPrimaryAddress in the ucr Variable connector/s4/mapping/user/attributes/ignorelist

ucr set connector/s4/mapping/user/attributes/ignorelist="$(ucr get connector/s4/mapping/user/attributes/ignorelist),mailPrimaryAddress"
systemctl restart univention-s4-connector.service

system · February 14, 2025, 8:37am

This topic was automatically closed after 24 hours. New replies are no longer allowed.