Details
-
Fix
-
Status: Released (View Workflow)
-
Major
-
Resolution: Fixed
-
1.11.5
-
None
Description
Current Situation
When logging in with username@doman or domain\username the username will be extracted and will be used for the substitution in the search filters e.g. ldapRealm.userSearchFilter = (uid=%s)
When not the username but the user@domain is stored in the LDAP directory, the searchfilter will have no result.
Example:
Login: user@domain
search filter: ldapRealm.userSearchFilter = (uid=%s)
Result: (uid=user)
Desired Behaviour
It should be possible to use the normalized login or the full username.
Example:
Login: user@domain
search filter: ldapRealm.userSearchFilter = (uid=%s)
Result: (uid=user)
Login: user@domain
search filter: ldapRealm.userSearchFilter = (uid=^s)
Result: (uid=user@domain)
Workaround
When your sAMAcountName contains the domain, define the searchfilter like this:
ldapRealm.userSearchFilter (uid=%s@domain)
Please note that you can change this when using 1.11.6 to
ldapRealm.userSearchFilter (uid=^s)