Re: username syntax for bind/auth

21 Oct 2014


      Jeff Lebo wrote:
...
Reading a bit more, it seems as if the UPN is not part of the LDAP RFC, just
something Microsoft added to their version of LDAP with AD.
I see some talks of a way to workaround this to allow OpenLDAP to bind with
UPN, but then some other strings say it is not possible...
Anything's possible, if you modify the code yourself.
...
What is the definitive answer here...
...
Tell the apps people to bind using the
provided DN/password, search for the user with the sAMAccount name they have,
then rebind with that DN and password for password verification?
Yes, that's the typical approach.
...

From: jeflebo@outlook.com
To: openldap-technical@openldap.org
Subject: username syntax for bind/auth
Date: Tue, 21 Oct 2014 08:02:36 -0700
So I've got everything working with my OpenLDAP passthrough to AD... one last
thing (I think).
Is there a way to make OpenLDAP accept username@domain.com instead of the full DN?
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

Re: username syntax for bind/auth