Selfservice Portal - LDAP Attribut for "Mail for Password Reset"

richie1985 · August 3, 2022, 3:46pm

Hi,

in which LDAP Attribute will be saved this value? I cant find it?

grafik

Thx!

Erik

jlk · August 3, 2022, 3:48pm

Good day,

that would be univentionPasswordSelfServiceEmail. (See also: Q&A: Which mail fields for users are available in UCS?)

Best regards
Jan-Luca

richie1985 · August 3, 2022, 4:28pm

perfect, thx… but “PasswordRecoveryEmailVerified” seems not existing or?

jlk · August 4, 2022, 6:46am

What do you mean by “seems not existing”? PasswordRecoveryEmailVerified is the name of the UDM attribute and can be seen in your screenshot too (“E-Mail-Adresse verifiziert”).

Best regards
Jan-Luca

richie1985 · August 4, 2022, 7:13am

yes of course, udm i see but not the ldap attribut i mean

jlk · August 4, 2022, 7:41am

The attribute is univentionPasswordRecoveryEmailVerified (as for the other one just prefix the UDM name with univention).

richie1985 · August 4, 2022, 7:58am

that i also tried, but seems not correct, i got this error in my job: NoSuchAttributeException

javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 0000200A: objectclass_attrs: attribute ‘univentionPasswordRecoveryEmailVerified’ on entry

Thx!

jlk · August 4, 2022, 9:44am

I guess the attribute has to be set for this to work. You could catch the exception and handle this as a no.

richie1985 · August 5, 2022, 12:27pm

mmhhh sorry i dont get it, where i should “set” this attribute?

jlk · August 8, 2022, 7:21am

“set” = Assign a value. Currently the value is not TRUE nor FALSE but None as it is undefined and not set at all, this is why your code throws the exception. As long as this state occurs it means that functionally it is the same as FALSE as the mail address is not verified.

richie1985 · August 8, 2022, 10:02am

so first general question, i dont see this attributes in a ldap browser (doenst matter which one… softera ldap browser, Active Directory Explorer, ldapadmin)… it looks like this:

grafik

so it seems something general is not correct on my side… what could this be?

and for sure for this example i set values via web gui

jlk · August 8, 2022, 12:55pm

The Self-Service App defines it’s own LDAP schema for these attributes, maybe there is something to configure in you application?
I have no knowledge of this kind of graphical tooling, instead I would advise to use udm or univention-ldapsearch on the commandline or the LDAP-Tree UMC module.

For more info regarding the former:

Best regards
Jan-Luca

SirTux · August 11, 2022, 8:51pm

You’ve connected to which type of LDAP server? Samba 4 (port 636 if installed) or OpenLDAP (port 7636)?

richie1985 · August 18, 2022, 6:57am

i have samba4 installed but i connect ldap via default port 389. 636 and 7636 doesnt work, i got everytime:

grafik

Thx!

Erik

SirTux · August 18, 2022, 2:44pm

You’ve used “SSL+Benutzer+Kennwort” as security grade?

richie1985 · August 19, 2022, 1:13pm

yes i think so:

grafik

SirTux · August 19, 2022, 1:27pm

As you have to connect to OpenLDAP the dn is wrong: it’s uid=it not cn=it

richie1985 · August 19, 2022, 1:34pm

ohhhh damn yes of course…
now i can connect and tadaaaaa magic… is this this univention fields

im so sorry