You are viewing limited content. For full access, please sign in.

Question

Question

Allow User to Login Using PrincipalName When Using LDAP?

Administration
Updated November 18, 2015
asked on November 12, 2015

In Laserfiche when you setup an LDAP account, it uses the commonname value for the login. Is there any way to change this so that it uses something like the PrincipalName value instead? Our commonname values are basically LastName, FirstName. If we use LDAP accounts, these logins would be completely different than anything else the user currently uses.

1 0

Answer

APPROVED ANSWER
replied on November 16, 2015 Show version history

You can specify the attribute that should be used to log users in under the "Unique name attribute" in an LDAP server Profile:

I've chosen to use the sAMAccountName:

What's important is that the property is unique for each user, which is why it's referred to as the unique name attribute.

Note that the userPrincipalName is usually of the format user@domain.com, which will not work because of the @ (which is a reserved character). The sAMAccountName often has the same format for the first part, but without the @domain.com, which is why it works.

1 0
replied on November 17, 2015

Brianna, that is great information. One question, how does Forms get away with using the @ for the login of participant users that are setup using LDAP?

1 0
replied on November 18, 2015 Show version history

Participant users in Forms are not logged in through LFS, but handled within Forms itself, so the restrictions on usernames may differ. I'm not very familiar with Forms so I can't enumerate their reserved characters. Restrictions for LFS users are in the administration help files on creating users.

The restriction on the @ for LFS may be related to the use of @ to format LDAP users as username@LDAPProfileName.

0 0

Replies

You are not allowed to reply in this post.
You are not allowed to follow up in this post.

Sign in to reply to this post.

Details
Related Posts
Loading ...