[389-users] objects with multiple "uid" entries

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

i am building an LDAP directory from the ground up and plan to set users up so a few different applications can use this as an authentication/authorization backend.  however, today some of these applications use uids like jsmith while others use empid like 123456.  is there any way, without duplicating user entries to allow these applications to both authenticate?

- for example, if i have a user base dn of: ou=people,o=company.com

- i have a user with uid=jsmith and employeeNumber=123456

can some applications authenticate with dn:uid=jsmith,ou=people,o=company.com while others use dn: employeeNumber=123456,ou=people,o=company.com? i think the answer is no for that, so what if I give the user multiple uid values? uid=jsmith AND uid=123456, but the dn that allows binding always seems to be the uid i set first.

i'm at a loss here, there really has to be a way to do it. the only way i can see is to allow the applications to bind with some other DN, then do searches  for employeeNumber=123456 to try and match the values up on their end, then pull the dn from their search results and use that dn to re-bind with the supplied password...but that seems like overkill to me.

thanks for any insight!
--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux