Thanks Marek! For now, I'm using the (a) option!
But I think would be possible to implement an LDAP Mapper in the future.
just to get the "ou" info.
I'll take a look in the code and try to add a new Mapper Type.
Thanks again! This is a really great tool!
2017-03-30 16:33 GMT-03:00 Marek Posolda <mposolda(a)redhat.com>:
There is no built-in support for this. However you can achieve it by
doing
any of:
a) Map the LDAP_ENTRY_DN as attribute in your token and then have some
logic in your application (or whenever it is needed) that will just parse
name of the OU from the full DN.
b) Create the custom LDAP mapper, which will do the above. Then it will be
available in user attributes
c) Create protocol mapper, which will do the above. User attribute will
still contain just LDAP_ENTRY_DN, but you will have claim in the token with
the value of your OU.
I would personally go with (a) and handle it in your app if possible.
That's the easiest path IMO.
Marek
On 30/03/17 20:20, Celso Agra wrote:
> Hi all,
>
> I'd like to retrieve the organizational unit (ou) from LDAP Mapper and set
> this in the User Attributes.
>
> When I get a user from LDAP, it set an attribute called LDAP_ENTRY_DN,
> with
> value : "uid=xxxxxx,ou=group,dc=dom3,dc=dom2,dc=dom1"
>
> So, I'd like to retrieve just the ou info "group", and set this to the
> user
> attribute.
> Would be possible to do that? Is there some mapper type just to retrieve
> this information?
>
> Best Regards,
>
>
--
---
*Celso Agra*