icingaweb2 icon indicating copy to clipboard operation
icingaweb2 copied to clipboard
verified publisher icon Icinga

Active Directory domain name removed in the username

Open gbin2265 opened this issue 2 years ago • 0 comments

Hello,

Describe the bug

We use a different attribute in then Active Directory for the login. user_name_attribute = "userPrincipalName"

The domain is also included in the attribute Like : [email protected]

In the files : LdapUserBackend.php -> authenticate LdapUserGroupBackend.php -> getMemberships

The domain name is removed in the username just before the login is done.

$user->getLocalUsername() -> result firstname.name , the domain name is removed

Expected behavior

That the login name is this one that is also used as a username to search in the AD

Question

Can you not provide an option in the INI file to say that the user name must remain the same as entered on the login screen !? Or if the domain name in the login is not the same as in the ini file , than use the name from the login screen.

##Solution for me

Replace the line

$username = $user->getLocalUsername();

with

            if (  $this->userNameAttribute !== 'sAMAccountName' ) {
               $username = $user->getUsername();
            } else {
              $username = $user->getLocalUsername();
            }

Regards, Geert

gbin2265 avatar Sep 01 '23 14:09 gbin2265