JBoss.orgCommunity Documentation
Here are the main parameters to map eXo users to your directory:
<field name="userURL">
<string>ou=users,ou=portal,dc=exoplatform,dc=org</string>
</field>
<field name="userObjectClassFilter">
<string>objectClass=person</string>
</field>
<field name="userLDAPClasses">
<string>top,person,organizationalPerson,inetOrgPerson</string>
</field>
userURL: base dn for users. Users are created in a flat structure under this base with a dn of the form: ldap.userDN.key=username,userURL.
For example:
uid=john,cn=People,o=MyCompany,c=com{code}
However, if users exist deeply under userURL, eXo will be able to retrieve them.
Example:
uid=tom,ou=France,ou=EMEA,cn=People,o=MyCompany,c=com{code}
userObjectClassFilter: Filter used under userURL branch to distinguish eXo user entries from others.
Example: john and tom will be recognized as valid eXo users but EMEA and France entries will be ignored in the following subtree:
uid=john,cn=People,o=MyCompany,c=com
objectClass: person
...
ou=EMEA,cn=People,o=MyCompany,c=com
objectClass: organizationalUnit
...
ou=France,ou=EMEA,cn=People,o=MyCompany,c=com
objectClass: organizationalUnit
...
uid=tom,ou=EMEA,cn=People,o=MyCompany,c=com
objectClass: person
...
userLDAPClasses: commas are used to separate list of classes used for creating users.
When a new user is created, an entry will be created with the given objectClass attributes. The classes must at least define cn and any attribute referenced in the user mapping.
For example, adding the user Marry Simons could produce:
uid=marry,cn=users,ou=portal,dc=exoplatform,dc=org objectclass: top objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson ...
The following parameters maps LDAP attributes to eXo User Java objects attributes.
<field name="userUsernameAttr">
<string>uid</string>
</field>
<field name="userPassword">
<string>userPassword</string>
</field>
<field name="userFirstNameAttr">
<string>givenName</string>
</field>
<field name="userLastNameAttr">
<string>sn</string>
</field>
<field name="userDisplayNameAttr">
<string>displayName</string>
</field>
<field name="userMailAttr">
<string>mail</string>
</field>
userUsernameAttr: username (login)
userPassword: password (used when the portal authentication is done by eXo login module)
userFirstNameAttr: first name
userLastNameAttr: last name
userDisplayNameAttr: display name
userMailAttr: email address
In the example above, the user Marry Simons could produce:
uid=marry,cn=users,ou=portal,dc=exoplatform,dc=org userPassword: XXXX givenName: Marry sn: Simons displayName: Marry Simons mail: marry.simons@example.org uid: marry ...