With the 2015.2 and later version of the Helix Server it is possible to use fields available in LDAP/AD to populate the Perforce user spec automatically as a new user logs into Perforce.
The Perforce Server first of all needs to have some configurables set to allow this, as follows:
p4 configure set dm.user.noautocreate=0
p4 configure set auth.ldap.userautocreate=1
The user spec fields that can take advantage of this feature are:
Once you have a working Perforce LDAP spec you can update it by setting the following fields:
getattrs (in the 'Options:' field) - must be set to allow attributes to be pulled from the LDAP/AD server for use in Perforce User specs
An example Perforce LDAP spec might contain these additional entries to use the LDAP 'givenName' and 'mail' attributes for the Perforce user spec:
Multiple LDAP attributes can be combined for a single Perforce attribute like this:
- Note that this information does not dynamically change for each login of the user; it is only retrieved as a new user is created by virtue of their logging into Perforce successfully for the first time.
- Please note that the option in the LDAP spec for 'AttributeUid:' is not currently used but is part of some future work to better integrate Perforce Users and LDAP/AD.
- In P4V, autocreation of users won't work unless you're on P4V 2017.1/1491634 or later. Prior releases of P4V would first check that the user exists before prompting for a password causing a failure. The workaround if on older release of P4V is to autocreate the user with the p4 command line client. See the details of the fix for Bug# 78442 in the 2017.1 P4V release notes.