On Sunday 07 June 2009 10:12:41 Paweł Madej wrote:
Hello,
I have such RDN
cn=user1,dc=example,dc=com
but my webmail software knows users only by emails (which is attribute to
cn=user1,dc=example,dc=com)
My question is how can i authenticate in LDAP using provided email?
Why do you *think* you need to do this? What (inadequate regarding LDAP) software has a requirement like this? Typically, any LDAP-using application should be able to authenticate any entry on any attribute you choose, as typical operation of an LDAP-using application for authentication is:
1)Bind as a DN allowed to search for a user 2)Search for a user using a configurable search filter, and retrieve the DN (at least) 3)Using the password the user supplied, do a simple bind as the DN from (2).
If you have software trying to do DN construction from the username the user supplied, I would recommend you return this to the vendor and find better software (or, file bug reports to have the software fixed).
I tried sth like mail=test@example.com,dc=example,dc=com but ldap refuses such login.
Why should it? The RDN isn't the only attribute on the DN ....
Regards, Buchan