Preventing the creation of duplicate usernames
eliza411 - June 13, 2009 - 03:28
| Project: | LDAP provisioning |
| Version: | 6.x-1.0-alpha1 |
| Component: | Code |
| Category: | feature request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | active |
Jump to:
Description
We have a setup where our frequent users come from a corporate ldap directory where their accounts already exist, but community people create LDAP accounts in a completely separate community ldap directory via this module. We must ensure that if a user creates an account in the community ldap instance their login is not a duplicate of a corporate username, both for the sake of clarity on the site, but also because it appears that ldap auth will authenticate against either user so they in effect share their drupal account.
I'm looking for suggestions on how to address this and to know if this is an edge case or whether others have similar needs.
#1
Ldap provisioning module was not designed to work with two or more separate LDAP servers (in contrast to ldap integration module). Although it does ensures that the same username is not created in the LDAP server the account is being created into, however, it does not know anything about other LDAP servers.
This works good in the setups when there are a second replica LDAP server for redundancy, but the accounts are still created in the master server.
For your particular case we would need a loop to check all LDAP servers, not only the one accounts are created into for duplicates.