SOLVED

LDAP with 2008r2 active directory

Level 2

Since Active Directory does not have a user id, but uses samaccountname, I am trying to use that for the user.idattribute. That is not working. If I use cn and log in with the full name it works. What am I doing wrong?

# Configuration created by Apache Sling JCR Installer
userPool.maxActive=L"8"
searchTimeout="60s"
host.name="ldap.mydomain.com"
adminPool.maxActive=L"8"
group.makeDnPath=B"false"
user.baseDN="ou\=rs_users,dc\=mydomain,dc\=com"
group.objectclass=["groupOfUniqueNames"]
user.objectclass=["person"]
host.noCertCheck=B"false"
user.makeDnPath=B"false"
bind.dn="cn\=ldap\ admin,ou\=service,ou\=rs_users,dc\=mydomain,dc\=com"
group.baseDN="DC\=mydomain,DC\=com"
group.extraFilter=""
user.extraFilter=""
host.port=I"389"
bind.password="************"
group.nameAttribute="cn"
provider.name="ldap"
host.ssl=B"false"
host.tls=B"false"
user.idAttribute="samaccountname"
group.memberAttribute="uniquemember"

1 Accepted Solution

Correct answer by
Level 2

I only got one response for this, so it must not be an issue with anyone else.

I ended up renaming the users in Windows Active Directory to the same as their login. So the cn is now the same as the login id.

I then changed the user.idattribute to cn.

2 Replies

Level 10

That does look like a weird issue. As discussed here: 

https://helpx.adobe.com/experience-manager/using/configuring-aem6-apache-directory-service.html

we map User Id attribute to uid.

Let's see if other community members have come across this issue.

I will check with support as well. 
