Skip Menu |

This queue is for tickets about the RT-Extension-LDAPImport CPAN distribution.

Report information
The Basics
Id: 96042
Status: new
Priority: 0/
Queue: RT-Extension-LDAPImport
People
Owner: Nobody in particular
Requestors: atc135 [...] psu.edu
Cc:
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: (no value)

History Show all quoted text
  Wed May 28 15:52:10 2014 atc135 [...] psu.edu - Ticket created
Subject: LDAPImport should specify which attributes to return
Date: Wed, 28 May 2014 15:51:55 -0400 (EDT)
To: bug-RT-Extension-LDAPImport [...] rt.cpan.org
From: Andy Cobaugh <atc135 [...] psu.edu>
rtldapimport should only request the attributes specified in $LDAPMapping and $LDAPGroupMapping. As it is, if we only need uid, mail, and cn from a user, we end up returning the entire user object from LDAP, which depending on how some directories are set up, could be rather large. The same is true for groups. If an organization is using rfc2307bis style groups that contain both memberUid and member attributes, and we only need memberUid, we could potentially return a group object that is twice as big as necessary. Consider the case where there is a group with hundreds or thousands of members - that search result could be rather large. This should be rather trivial to implement, by simply specifying attrs => [] in _run_search() and passing in the values of $LDAPMapping and $LDAPGroupMapping where appropriate. -- Andy Cobaugh System Design Specialist PSU/ITS/AIS/System Engineering