Opened 10 years ago
Last modified 7 years ago
#924 new defect
LDAP authentication: configurable user attribute (currently: always 'uid')
| Reported by: | sumpfralle | Owned by: | |
|---|---|---|---|
| Priority: | minor | Milestone: | |
| Component: | programming | Keywords: | ldap, uid |
| Cc: | Parent Tickets: |
Description
Currently user authentication works for a DN like the following:
dn: cn=USERNAME,ou=people,dc=example,dc=org
Sadly the email retrieval fails to work since it relies on the fact that there is an attribute uid=USERNAME.
This assumption is not always valid (see above: cn=USERNAME).
Thus it would be reasonable to use the first part of the LDAP_USER_DN_TEMPLATE for the filter condition within the email handling code (instead of uid=USERNAME). See the attached patch for an implementation of this approach.
Attachments (1)
Change History (3)
by , 10 years ago
| Attachment: | 0001-use-attribute-from-LDAP_USER_DN_TEMPLATE-instead-of-.patch added |
|---|
comment:1 by , 9 years ago
comment:2 by , 7 years ago
I've also submitted a patch in #5568 that deals with the assumption of uid in a different way. Once difference is that my patch allows for a UPN to be used for the LDAP_USER_DN_TEMPLATE.
Note:
See TracTickets
for help on using tickets.
This would be great (in fact I am already using it).