This project has moved and is read-only. For the latest updates, please go here.

use of AttributeHelpers to populate SharePoint user metadata

Apr 7, 2014 at 8:34 PM
First off, thanks for this wonderful time saving tool. I shudder to think how long it would have taken for me to develop a Custom Claims Provider from the ground up.

Now... I am attempting to understand the capabilities of the AttributeHelper objects that can be defined in the "for Developers" edition of LDAPCP. I would like to be able to query based on the upn, displayName, or sn LDAP attributes, and then add the displayName, email, Department, and JobTitle data to the metadata of the user entry that is then added to sharepoint. Is this actually possible?

Below is the code that I am using. It works almost as desired... The problem is that only the upn metadata is being added to the entry. The display name of the user in sharepoint is coming out in the format "[upn] ([displayName])" format.

            new AttributeHelper{LDAPAttributeName="userPrincipalName", LDAPObjectClass="user", claimType=WIF.ClaimTypes.Upn, claimEntityType = SPClaimEntityTypes.User, peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.AccountName, KeywordToValidateInputWithoutLookup="EXTUSER:"},
            new AttributeHelper{LDAPAttributeName="sAMAccountName", LDAPObjectClass="group", claimType=WIF.ClaimTypes.Role, claimEntityType = SPClaimEntityTypes.FormsRole, KeywordToValidateInputWithoutLookup="EXTGROUP:", PrefixToAddToValueReturned=@"\", DoNotAddPrefixIfInputHasKeyword=true},       
            new AttributeHelper{LDAPAttributeName="displayName", LDAPObjectClass="user", ResolveAsIdentityClaim=true, peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.DisplayName},
            new AttributeHelper{LDAPAttributeName="sn", LDAPObjectClass="user", ResolveAsIdentityClaim=true},
             new AttributeHelper{LDAPAttributeName="mail", LDAPObjectClass="user", peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.Email},
            new AttributeHelper{LDAPAttributeName="department", LDAPObjectClass="user", peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.Department},
            new AttributeHelper{LDAPAttributeName="title", LDAPObjectClass="user", peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.JobTitle},
Apr 9, 2014 at 4:07 PM
Edited Apr 9, 2014 at 4:07 PM
thanks for your great feedback :)
The display name of a permission is set by property PeopleEditorEntityDataKeys.DisplayName ( )
In your code you defined AttributeHelper this way:
new AttributeHelper{LDAPAttributeName="displayName", LDAPObjectClass="user", ResolveAsIdentityClaim=true, peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.DisplayName},
What is missing is the corresponding LDAP attribute to map to this display name. For this to work, you just need to set property LDAPAttributeName with the LDAP attribute you want, for example:
new AttributeHelper{LDAPAttributeName="displayName", LDAPObjectClass="user", ResolveAsIdentityClaim=true, peopleEditorEntityDataKey=PeopleEditorEntityDataKeys.DisplayName, LDAPAttributeName="displayName"},