common LDAP schemas to draw attribute definitions from
Cantor, Scott
cantor.2 at osu.edu
Tue Jul 2 10:22:35 EDT 2019
On 7/2/19, 10:04 AM, "users on behalf of Boyd, Todd M." <users-bounces at shibboleth.net on behalf of tmboyd1 at ccis.edu> wrote:
> While I don't disagree, the FriendlyName was not helpful when negotiating with haphazard vendors that require
> handmade metadata or strange configuration overrides in order to function.
All I was saying is that you can easily scan the XML to know what an attribute is without memorizing OIDs, to the extent that's even routinely necessary. I certainly don't memorize them. The only time I need them is typically with the apps that expose attribute mapping rules or when I'm configuring a custom NameID, and then it just takes a second to copy one.
> In a pure, ideal state of existence, the rigid, well-connected structure of the system and its documentation is enough.
> Pragmatically speaking, it can be a bit difficult when the rubber meets the road and you have to make annoying
> concessions in order to get the job done with regard to a particular service provider.
I don't think encouraging haphazard naming improves that. It's a major cause of the problem.
I have made very, very few concessions on routine attribute naming. Less than a handful out of over 100 or so. Saying no works a decent amount of the time. Of course, a lot of that is because the most common case is "just give me any NameID", so it's immaterial.
-- Scott