v2.1 supports now multiple LDAP fields in a template e.g.:
user_attrs =
homeDirectory=home,
uidNumber=uid,
gidNumber=gid,
=mail=%{ldap:mailboxFormat}:%{ldap:homeDirectory}
which is the same as:
user_attrs =
=home=%{ldap:homeDirectory},
=uid=%{ldap:uidNumber},
=gid=%{ldap:gidNumber},
=mail=%{ldap:mailboxFormat}:%{ldap:homeDirectory}
I was also thinking about adding an alternative simplified syntax for this:
user_attrs { home = %{ldap:homeDirectory} uid = %{ldap:uidNumber} gid = %{ldap:gidNumber} mail = %{ldap:mailboxFormat}:%{ldap:homeDirectory} }
Any ideas for further improvements before I do this change?
One thing I'm still wondering about is what I should do when LDAP returns multiple values. Like perhaps:
acl_groups = %{ldap:aclGroups:,}
Which would mean that all the aclGroups values would be joined together separated by "," characters. And a bit more complex with multiple gidNumbers:
gid = %{ldap:gidNumber[0]} mail_access_groups = %{ldap:gidNumber[1:]:,}