The software I try to use is Roundcube webmail, i log to it to read email using full email address and password. It provides backend for ldap addressbook so and can provide for ldap binding full email or only username (part before @) and password from email logging.
As I'm new to LDAP at all so I don't know how to create login DN for this to use email attribute of users to authenticate. I cannot tell you if this software architecture is invalid because I have too little knowledge in this topic.
Anyway thank you for your comments.
Greets Pawel.
On Tue, 9 Jun 2009 18:46:07 +0200, Buchan Milne bgmilne@staff.telkomsa.net wrote:
On Sunday 07 June 2009 10:12:41 Paweł Madej wrote:
Hello,
I have such RDN
cn=user1,dc=example,dc=com
but my webmail software knows users only by emails (which is attribute
to
cn=user1,dc=example,dc=com)
My question is how can i authenticate in LDAP using provided email?
Why do you *think* you need to do this? What (inadequate regarding LDAP) software has a requirement like this? Typically, any LDAP-using
application
should be able to authenticate any entry on any attribute you choose, as typical operation of an LDAP-using application for authentication is:
1)Bind as a DN allowed to search for a user 2)Search for a user using a configurable search filter, and retrieve the
DN
(at least) 3)Using the password the user supplied, do a simple bind as the DN from (2).
If you have software trying to do DN construction from the username the user supplied, I would recommend you return this to the vendor and find better
software (or, file bug reports to have the software fixed).
I tried sth like mail=test@example.com,dc=example,dc=com but ldap refuses such login.
Why should it? The RDN isn't the only attribute on the DN ....
Regards, Buchan