dcache
LDAP session plugin: automatic creation of homedir
Dear dCache Team,
We have tested a basic gplazma configuration with OIDC and LDAP [1]. The OIDC-related properties consist of just 2 lines [2], and the connection to LDAP has also worked: gplazma.ldap.root-dir was set up and we verified that it worked. The value we used includes the %homeDirectory% from the LDAP attributes.
In the end we have been able to upload files with an OIDC token, and the files ended up under the desired directory. One example: [3].
All of this has worked because we created the corresponding directory in the Chimera namespace beforehand. To make this work with thousands of users, we will need a script for the creation of the home directories, or (and here comes the feature request) maybe this could be performed by dCache. If dCache could check whether the home directory exists and, if not, create it, that would be welcome.
Best, Samuel
[1]
# cat /etc/dcache/gplazma.conf
auth optional oidc
map optional ldap
session optional ldap
[2]
# grep oidc /etc/dcache/dcache.conf
gplazma.oidc.provider!FELS = https://<url> -profile=oidc -accept=username
gplazma.oidc.audience-targets = <audience>
[3]
$ curl -v -k -L -T test-1 -H "Authorization: Bearer $(oidc-token bwda_public_client)" https://<webdav-endpoint>:2880/test-1
Added @XMol