Passing on a users LDAP dn when logging in?

To: debian-edu@lists.debian.org
Subject: Passing on a users LDAP dn when logging in?
From: Petter Reinholdtsen <pere@hungry.com>
Date: Sat, 3 Jul 2010 22:27:27 +0200
Message-id: <[🔎] 20100703202727.GD14437@login2.uio.no>

While working on the welcome page extraction from LDAP, it occured to
me that it would have been useful if the path to the current user's
LDAP object was available as a environment variable after login.  This
way one LDAP search could be avoided, and scripts could be use which
LDAP object to use to look up what setup to use.  It could not be used
for anything security sensitive, but would make it easier to find
welcome pages and user specific information.

The environment variable could be something like

  LDAP_USER_DN=uid=username,ou=People,dc=skole,dc=skolelinux,dc=no

An simple implementation could be done using the PAM package
libpam-python, searching in LDAP for the user name and setting the
environment variable during login.  It could also set the LDAP server
name, for example like this:

  LDAP_URI=ldap://ldap

Anyone know if something like this exist?  Should we try to implement
it or is it a bad idea?

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

Prev by Date: Re: Showing welcome web page when users log in, controlled by LDAP
Next by Date: Gnome Debian Edu desktop is broken in Squeeze
Previous by thread: Re: Showing welcome web page when users log in, controlled by LDAP
Next by thread: Gnome Debian Edu desktop is broken in Squeeze
Index(es):
- Date
- Thread