common LDAP schemas to draw attribute definitions from

Cantor, Scott cantor.2 at
Tue Jul 2 10:22:35 EDT 2019

On 7/2/19, 10:04 AM, "users on behalf of Boyd, Todd M." <users-bounces at on behalf of tmboyd1 at> wrote:

> While I don't disagree, the FriendlyName was not helpful when negotiating with haphazard vendors that require
> handmade metadata or strange configuration overrides in order to function.

All I was saying is that you can easily scan the XML to know what an attribute is without memorizing OIDs, to the extent that's even routinely necessary. I certainly don't memorize them. The only time I need them is typically with the apps that expose attribute mapping rules or when I'm configuring a custom NameID, and then it just takes a second to copy one.

> In a pure, ideal state of existence, the rigid, well-connected structure of the system and its documentation is enough.
> Pragmatically speaking, it can be a bit difficult when the rubber meets the road and you have to make annoying
> concessions in order to get the job done with regard to a particular service provider.

I don't think encouraging haphazard naming improves that. It's a major cause of the problem.

I have made very, very few concessions on routine attribute naming. Less than a handful out of over 100 or so. Saying no works a decent amount of the time. Of course, a lot of that is because the most common case is "just give me any NameID", so it's immaterial.
-- Scott
