On Sun, 7 Jun 2009, Paweł Madej wrote:
Hello,
I have such an RDN:
cn=user1,dc=example,dc=com
but my webmail software knows users only by emails (which is an attribute of
cn=user1,dc=example,dc=com)
My question is how can I authenticate in LDAP using the provided email? I tried sth like mail=test@example.com,dc=example,dc=com but LDAP refuses such a login.
Thanks in advance for help
Greets Pawel
The first and simple solution is to set up the cn value exactly the same as the "mail" value, or, even simpler, use "mail=user1@domain.com" as the RDN element. You could also use an LDAP proxy to map the mail attribute to the cn attribute (or the reverse) in a virtual directory.
However, the nature of an email address is that probably two different users may have the same address (group alias), and more than one address can direct mail to the same final user. So, using mail as the RDN is probably not a wise solution.
You'll probably get the best effect if you make some simple modification to the webmail software you use, to "translate" the email address a user puts into the "login" field into a value which will be used for authentication purposes. Or, you can play with SASL, Kerberos and realms regarding the domain name.
Regards, P.
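
The "translate the email address, then authenticate" approach suggested in the reply, as an added example that is not part of the original thread or of any webmail product's code. The directory contents, passwords, `fake_search` and `fake_bind` are constructed stand-ins for a real LDAP client library; only `cn=user1,dc=example,dc=com` and `test@example.com` come from the message.

```python
import re

# Constructed sample directory (assumption): DN -> mail values and password.
DIRECTORY = {
    "cn=user1,dc=example,dc=com": {"mail": ["test@example.com", "alias1@example.com"], "pw": "s3cret"},
    "cn=user2,dc=example,dc=com": {"mail": ["user2@example.com", "team@example.com"], "pw": "hunter2"},
    "cn=user3,dc=example,dc=com": {"mail": ["team@example.com"], "pw": "pw3"},
}

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so login input cannot alter the filter."""
    return re.sub(r'[\\*()\x00]', lambda m: "\\%02x" % ord(m.group()), value)

def fake_search(base, flt):
    """Hypothetical stand-in for a subtree search; understands only (mail=<value>)."""
    raw = flt[len("(mail="):-1]
    # A bare '*' is a wildcard, as on a real server; \XX decodes to a literal character.
    unescape = lambda s: re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), s)
    pattern = re.compile(".*".join(re.escape(unescape(p)) for p in raw.split("*")), re.I | re.S)
    return [dn for dn, entry in DIRECTORY.items()
            if dn.endswith(base) and any(pattern.fullmatch(m) for m in entry["mail"])]

def fake_bind(dn, password):
    """Hypothetical stand-in for an LDAP simple bind with a DN and password."""
    return DIRECTORY[dn]["pw"] == password

def authenticate(mail, password, search=fake_search, bind=fake_bind, base="dc=example,dc=com"):
    """Translate the login e-mail into a DN, then bind as that DN; return the DN or None."""
    if not password:        # a DN with an empty password is an unauthenticated bind
        return None
    matches = search(base, "(mail=%s)" % escape_filter_value(mail))
    if len(matches) != 1:   # unknown address, or an alias shared by several users
        return None
    dn = matches[0]
    return dn if bind(dn, password) else None
```

Both addresses of user1 resolve to the same DN, while the shared `team@example.com` alias is refused because the search returns two entries.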