Hello,
Thanks for the comments.
If my LDAP directory was only for that email I could do this, because even webmail developers recommend use of mail in RDN (roundcube webmail). But I plan to have rather wider use of DIT, so cn=user1,dc=example,dc=com is the easiest solution for me.
Maybe there are some aliases in LDAP which I could use to map email to user? Email is in my case rather unique per user.
Greets Pawel
On Sun, 7 Jun 2009 14:37:39 +0200 (CEST), Piotr Wadas pwadas@dtpw.pl wrote:
On Sun, 7 Jun 2009, Paweł Madej wrote:
Hello,
I have such RDN
cn=user1,dc=example,dc=com
but my webmail software knows users only by emails (which is attribute to cn=user1,dc=example,dc=com)
My question is how can I authenticate in LDAP using the provided email? I tried something like mail=test@example.com,dc=example,dc=com but LDAP refuses such a login.
Thanks in advance for help
Greets Pawel
The first and simple solution is to set up the cn value exactly the same as the "mail" value, or, even simpler, use "mail=user1@domain.com" as the RDN element. You could also use an LDAP proxy to map the mail attribute to the cn attribute (or reverse) in a virtual directory.
However, the nature of an email address is that probably two different users may have the same address (group alias), and more than one address can direct mail to the same final user. So, using mail as RDN is probably not a wise solution.
You'll probably get the best effect if you make some simple modification to the webmail software you use, to "translate" the email address a user puts into the "login" field into a value which will be used for authentication purposes. Or, you can play with SASL, Kerberos and realms regarding the domain name.
Regards, P.
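
The "translate the email address into a login value" step suggested in the reply, sketched as an added example that is not part of the original thread or of any webmail's code: search for the entry whose mail attribute matches, accept the result only if exactly one DN owns the address (the group-alias case raised above), and escape the input so it cannot change the filter. The directory contents, `fake_search` and the other function names are constructed stand-ins, not a real LDAP client API.

```python
import re

# Constructed sample directory (DN -> attributes); not data from the thread.
DIRECTORY = {
    "cn=user1,dc=example,dc=com": {"mail": ["test@example.com"]},
    "cn=user2,dc=example,dc=com": {"mail": ["u2@example.com", "sales@example.com"]},
    "cn=user3,dc=example,dc=com": {"mail": ["u3@example.com", "sales@example.com"]},
}

def escape_filter_value(value):
    """Escape the RFC 4515 special characters so input cannot alter the filter."""
    return "".join("\\%02x" % ord(c) if c in "\\*()\x00" else c for c in value)

def fake_search(ldap_filter):
    """Hypothetical stand-in for an LDAP search; understands only (mail=<value>)."""
    m = re.fullmatch(r"\(mail=(.*)\)", ldap_filter, re.S)
    if not m:
        raise ValueError("unsupported filter")
    # Odd-indexed tokens are either a \xx escape (literal char) or a bare * (wildcard).
    tokens = re.split(r"(\\[0-9a-fA-F]{2}|\*)", m.group(1))
    rx = ""
    for i, tok in enumerate(tokens):
        if i % 2 == 0:
            rx += re.escape(tok)
        elif tok == "*":
            rx += ".*"
        else:
            rx += re.escape(chr(int(tok[1:], 16)))
    pat = re.compile(rx, re.I | re.S)
    return [dn for dn, attrs in DIRECTORY.items()
            if any(pat.fullmatch(v) for v in attrs["mail"])]

def resolve_dn(email, search=fake_search):
    """Return the single DN owning this address, or None if absent or shared."""
    hits = search("(mail=%s)" % escape_filter_value(email))
    return hits[0] if len(hits) == 1 else None

if __name__ == "__main__":
    for login in ("test@example.com", "sales@example.com", "*"):
        print(login, "->", resolve_dn(login))
```

With a real server, the application then performs a simple bind as the returned DN with the user's password; a `None` result is rejected before any bind is attempted.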