Many feel it's probably not worth doing for AD from a MS support
perspective.
We implemented it along with other custom LDAP schema on eDir LDAP. It
makes sense for us even if it's just to keep things less cryptic in our
IDM system.
Any other LDAP server is also probably fine, but AD admins generally
get understandably twitchy. I won't add it to our AD.
Cheers,
Si
>>> On 10/12/2013 at 18:41, in message <[log in to unmask]>,
Sara Hopkins
<[log in to unmask]> wrote:
> Sorry to come in so late here with my tuppence.
>
> eduPerson is originally an LDAP schema.
>
> I would have thought that it's well worth populating LDAPs directly
with
> eduPerson attributes. It certainly would save us a lot of work in the
> federation support team, explaining to people how to write scripts to
> shoehorn yet another slightly different attribute into eduPerson.
>
> Cheers,
>
> Sara
Mae'r e-bost hwn ac unrhyw ffeiliau atodedig yn gyfrinachol ac at sylw'r
unigolyn neu'r sefydliad a enwir uchod. Bydd
unrhyw farn neu sylwadau a fynegir yn perthyn i'r awdur yn unig ac ni
chynrychiolant o anghenraid farn Coleg Sir Gâr.
Os ydych chi wedi derbyn yr e-bost hwn ar gam, rhowch sylw i'r
gweinyddwr ar y cyfeiriad canlynol:
[log in to unmask]
Cysidrwch yr amgylchedd - a oes wir angen argraffu'r ebost hwn?
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to
whom they are addressed. Any views or opinions expressed are solely
those of the author and do not necessarily represent those of Coleg Sir
Gâr. If you have received this email in error please notify the
administrator on the following address:
[log in to unmask]
Please consider the environment - do you really need to print this
email?.
|