Q&A: How can I change SAML preferences for a user via udm

scheinig · October 24, 2018, 9:44am

Question:

How can I change SAML preferences for a user via udm?

Answer:

To search for possible serviceProviders:

univention-ldapsearch -LLL -b cn=saml-serviceprovider,cn=univention,$(ucr get ldap/base) SAMLServiceProviderIdentifier

Possible modifications in udm:

modify options
  --set                    overwrites exactly one Value
  --append                 appends Values, but one append for each SP --append serviceprovider="<DN>" --append serviceprovider="<DN>"
  --remove                 entfernt den entsprechenden Eintrag

Example udm command:

udm users/user modify --dn 'uid=irenaeus.tro,cn=schueler,cn=users,ou=licht,dc=schein,dc=me' --set serviceprovider="SAMLServiceProviderIdentifier=https://slave.schein.me/univention/saml/meta
 data,cn=saml-serviceprovider,cn=univention,dc=schein,dc=me"

Investigation:

The udm command is similar to the setting it in UMC:

Bildschirmfoto%20vom%202018-10-24%2011-32-02