...
LDAP account must have been created previously with another script. For example a PERL script can export accounts from your
human ressources database to LDAP directory every night. Benoît Branciard (Benoit dot Branciard arobase univ-paris1 dot fr) has written
it for Paris 1 University.
These account are created with a null LDAP attribute shadowLastChange et a pre-defined LDAP password, a set of LDAP attributes extracted from human ressources database (name, birthdate, address, ...), and a pre-defined LDAP password, generated by a secret algorithm with a set of these LDAP attributes.
esup-activ first presents a form where the user is asked some personal informations (user ID in human ressource database, user name and birthdate by default). Next esup-activ uses these information to retrieve the user inactive account in LDAP directory. Then esup-activ, deduce LDAP user preset password from LDAP user attributes. The user can now choose a secure password and is given it's LDAP login, mail address and the portal login URL.