Opened 5 years ago

Last modified 19 months ago

#924 new defect

LDAP authentication: configurable user attribute (currently: always 'uid')

Reported by: sumpfralle Owned by:
Priority: minor Milestone:
Component: programming Keywords: ldap, uid
Cc: Parent Tickets:

Description

Currently user authentication works for a DN like the following:

dn: cn=USERNAME,ou=people,dc=example,dc=org

Sadly the email retrieval fails to work since it relies on the fact that there is an attribute uid=USERNAME.

This assumption is not always valid (see above: cn=USERNAME).

Thus it would be reasonable to use the first part of the LDAP_USER_DN_TEMPLATE for the filter condition within the email handling code (instead of uid=USERNAME). See the attached patch for an implementation of this approach.

Subtickets

Attachments (1)

0001-use-attribute-from-LDAP_USER_DN_TEMPLATE-instead-of-.patch (1.4 KB) - added by sumpfralle 5 years ago.

Download all attachments as: .zip

Change History (3)

comment:1 Changed 4 years ago by Sebastian Hugentobler

This would be great (in fact I am already using it).

comment:2 Changed 19 months ago by Meaulnes

I've also submitted a patch in #5568 that deals with the assumption of uid in a different way. Once difference is that my patch allows for a UPN to be used for the LDAP_USER_DN_TEMPLATE.

Note: See TracTickets for help on using tickets.