AnsweredAssumed Answered

Login via email or nickname not username (ldap-ad)

Question asked by erong on Nov 22, 2016
Latest reply on Nov 23, 2016 by afaust

Hi,

I am newest in Alfresco. Please help me in step by step.

Environment: Alfresco community edition in Ubuntu 14.04

 

I can login by username from ldap-ad. But I need to login by email, nickname or other properties.

 

Here is our AD architecture.

DN = User_Object

   |

   |- CN = Username 1

       |- mail: mail1@gmail.com

       |- nickname: Mary

       |- ...

   |- CN = Username 2

       |- mail: mail@gmail.com

       |- nickname: John

       |- ...

 

Here is alfresco-global.properties and login by user name. It work for me.

ldap.authentication.userNameFormat=CN=%s,OU=User_Object,OU=organization,DC=domain ldap.synchronization.userIdAttributeName=cn ldap.authentication.java.naming.provider.url=ldap://{$ip}:389 ldap.synchronization.groupSearchBase=OU=Group_Object,OU=organization,DC=domain ldap.synchronization.userSearchBase=OU=User_Object,OU=organization,DC=domain ldap.synchronization.java.naming.security.principal=CN={$username},OU=User_Object,OU=organization,DC=domain ldap.synchronization.java.naming.security.credentials={$password} ldap.synchronization.personQuery=(objectClass=*) ...

 

But I need to login via mail or nickname.

I try some solution as follow, but it can not login via mail/nickname correctly.

ldap.authentication.userNameFormat=%s ldap.synchronization.userIdAttributeName=mail (or nickname) ldap.authentication.java.naming.provider.url=ldap://{$ip}:389 ldap.synchronization.groupSearchBase=OU=Group_Object,OU=organization,DC=domain ldap.synchronization.userSearchBase=OU=User_Object,OU=organization,DC=domain ldap.synchronization.java.naming.security.principal=CN={$username},OU=User_Object,OU=organization,DC=domain ldap.synchronization.java.naming.security.credentials={$password} ldap.synchronization.personQuery=(objectClass=*) ...

ldap.authentication.userNameFormat=mail=%s,OU=User_Object,OU=organization,DC=domain ldap.synchronization.userIdAttributeName=mail

What exactly am I missing here? Any help would be highly appreciated. Thanks.

Outcomes