With the 2015.2 and later version of the Helix Server it is possible to use fields available in LDAP/AD to populate the Perforce user spec automatically as a new user logs into Perforce.
The Perforce Server first of all needs to have some configurables set to allow this, as follows:
p4 configure set dm.user.noautocreate=0
p4 configure set auth.ldap.userautocreate=1
The user spec fields that can take advantage of this feature are:
Once you have a working Perforce LDAP spec you can update it by setting the following fields:
getattrs (in the 'Options:' field) - must be set to allow attributes to be pulled from the LDAP/AD server for use in Perforce User specs
An example Perforce LDAP spec might contain these additional entries to use the LDAP 'givenName' and 'mail' attributes for the Perforce user spec:
Multiple LDAP attributes can be combined for a single Perforce attribute like this:
- Note that this information does not dynamically change for each login of the user; it is only retrieved as a new user is created by virtue of their logging into Perforce successfully for the first time.
- Please note that the option in the LDAP spec for 'AttributeUid:' is not currently used but is part of some future work to better integrate Perforce Users and LDAP/AD.
- In P4V autocreation of users won't work as P4V first checks that the user exists before prompting for a pasword. The workaround is to autocreate the user with the p4 command line client. job. The bug is internal job078442, contact support to see what release the fix is in.