[Date Prev][Date Next]
Re: some thoughts about RDN
On Sunday 07 June 2009 10:12:41 Paweł Madej wrote:
> I have such RDN
> but my webmail software knows users only by emails (which is attribute to
> My question is how can i authenticate in LDAP using provided email?
Why do you *think* you need to do this? What (inadequate regarding LDAP)
software has a requirement like this? Typically, any LDAP-using application
should be able to authenticate any entry on any attribute you choose, as
typical operation of an LDAP-using application for authentication is:
1)Bind as a DN allowed to search for a user
2)Search for a user using a configurable search filter, and retrieve the DN (at
3)Using the password the user supplied, do a simple bind as the DN from (2).
If you have software trying to do DN construction from the username the user
supplied, I would recommend you return this to the vendor and find better
software (or, file bug reports to have the software fixed).
> I tried
> sth like firstname.lastname@example.org,dc=example,dc=com but ldap refuses such
Why should it? The RDN isn't the only attribute on the DN ....