I've been searching for hours now and still didn't find a solution to my problem:
I successfully configured the LDAP client on a SLES 11 SP2 for VMware machine and can authenticate against our Windows Server 2008 R2 domain. What I want is to log in with the userprincipalname instead of the samaccountname.
I tried to change a few settings in ldap.conf, but that doesn't seem to change anything. I can successfully log in with "domain\username". But I want to log in with firstname.lastname@example.org, which would be the UPN attribute. In my case different users will have completely different UPNs (e.g. email@example.com and so on).
Where can I change the mapping? Here is a part of my ldap.conf where I tried to change the mapping (which obviously didn't work):
# RFC 2307 (AD) mappings
#nss_map_objectclass posixAccount user
#nss_map_objectclass shadowAccount user
nss_map_attribute uid userPrincipalName
#nss_map_attribute homeDirectory unixHomeDirectory
#nss_map_attribute shadowLastChange pwdLastSet
#nss_map_objectclass posixGroup group
#nss_map_attribute uniqueMember member
#pam_password ad
Any help is greatly appreciated!