I looked at source code of LdapLoginManagement and it looks like there
is no way of telling OM to add domain to user name only when
authenticating to LDAP but not when searching by attribute configured
by field_user_principal. But it really doesn't work this way.
Am I missing some additional settings or it worth filling bug report?
On Fri, Dec 13, 2013 at 4:54 PM, Mihail Lukin <mihail.lu...@gmail.com> wrote:
> Hello, everyone!
>
> I have problem integrating OM with AD. I've created configuration file
> and added it through admin interface. I used wireshark to analyze
> communication with LDAP server.
>
> When I use option "add domain name to user name", authentications
> succeeds 3 times with admin's credentials, then once with user's
> credentials ("username@domain" form was used by OM), but then ldap
> search fails because sAMAccountName is "username" but OM searches for
> "username@domain".
>
> When I turn off "add domain name to user name", authentications
> succeeds 3 times with admin's credentials, but then fails, because OM
> tries to bind with "username" while LDAP requires "username@domain".
>
> Did anyone solve such problem already? Any suggestions?
>
> Thanks a lot in advance!
>
> --
> Regards, Mihail.
--
С уважением, Михаил.
