-
Notifications
You must be signed in to change notification settings - Fork 4
Prefill User Details
The LibreOffice Group Policy should not be used to pre-fill the User Data fields in LibreOffice. If LibreOffice is installed on a domain joined computer, you can leverage Active Directory to pre-fill the user fields. Each time LibreOffice runs, it will contact AD and refresh the User Data section.
To do this you will need to create a file named oo-ad-ldap.xcd in the following location:
C:\Program Files (x86)\LibreOffice x\share\registry\oo-ad-ldap.xcd
If you are using a 64bit version of LibreOffice, create the file here instead:
C:\Program Files\LibreOffice x\share\registry\oo-ad-ldap.xcd
There is a sample file already in that folder named oo-ad-ldap.xcd.sample that you can just copy and edit.
In the majority of scenarios, you will need to modify the following in oo-ad-ldap.xcd:
- Uncomment the SearchUser value and enter a domain account that has read access to the AD.
- Uncomment the SearchPassword value and enter the password for the domain account
- UserObjectClass value should be changed from inetorgperson to user
- UserUniqueAttribute value should be changed from uid to cn
- Fill in Server, and BaseDN to match your environment
<oor:component-data oor:package="org.openoffice" oor:name="LDAP">
<node oor:name="UserDirectory">
<prop oor:name="SearchUser">
<value>domain\user</value>
</prop>
<prop oor:name="SearchPassword">
<value>password</value>
</prop>
<prop oor:name="UserObjectClass">
<value>user</value>
</prop>
<prop oor:name="UserUniqueAttribute">
<value>cn</value>
</prop>
<node oor:name="ServerDefinition">
<prop oor:name="Server">
<value>LDAP SERVER</value>
</prop>
<prop oor:name="Port">
<value>389</value>
</prop>
<prop oor:name="BaseDN">
<value>ou=UserOU,dc=domainname,dc=local</value>
</prop>
</node>
</node>
</oor:component-data>
The next section of the file dictates what AD attribute prefills what LibreOffice attribute. Edit them as you need.
If you would like to enforce the settings so that staff cannot change them, then you will need to add oor:finalised=true into the prop tag of the attributes you wish to enforce.
For example if you want to restrict users editing their position:
<prop oor:name="position" oor:finalized="true">
<value oor:external=
"com.sun.star.configuration.backend.LdapUserProfileBe position"/>
</prop>