How to change attribute used for DN of users?
Hello. I am trying to set up azuread-ldap-wrapper so that users can bind using their full upn instead of samaccountname.
However, since uid is populated from samaccountname and each user's DN is `uid=<samaccountname>,<base dn>`, I can only bind using samaccountname.
I tried using an ldap_customizer for this, but the DN isn't exposed as an attribute of an ldapuser:
'use strict';
const config = require('../src/config');
const helper = require('../src/helper');
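/** Customizer hooks consumed by azuread-ldap-wrapper (exported at the bottom of the file). */
const customizer = {};

/**
 * Escape a string for use as an attribute value inside an RDN (RFC 4514).
 *
 * A UPN such as `first.last@example.com` needs no escaping, but a value
 * containing `,`, `+`, `"`, `\`, `<`, `>`, `;`, `=`, a NUL byte, a leading
 * `#`/space or a trailing space would otherwise split or corrupt the DN
 * string. Escaping is applied unconditionally so the DN stays parseable no
 * matter what value the directory hands back.
 *
 * @param {unknown} value - raw attribute value (coerced with String()).
 * @returns {string} the escaped RDN value.
 */
function escapeRdnValue(value) {
  const raw = String(value);
  let escaped = raw
    .replace(/([\\,+"<>;=])/g, '\\$1')
    .replace(/\u0000/g, '\\00');
  if (raw.startsWith(' ') || raw.startsWith('#')) {
    escaped = `\\${escaped}`;
  }
  // A lone space is already handled by the leading-character rule above.
  if (raw.length > 1 && raw.endsWith(' ')) {
    escaped = `${escaped.slice(0, -1)}\\ `;
  }
  return escaped;
}

/**
 * Index of the first comma that is not part of a backslash escape, i.e. the
 * separator between the leading RDN and the remainder of the DN.
 *
 * @param {string} dn - DN string to scan.
 * @returns {number} index of the separator, or -1 when the DN is a single RDN.
 */
function indexOfRdnSeparator(dn) {
  for (let i = 0; i < dn.length; i += 1) {
    if (dn[i] === '\\') {
      i += 1; // skip the escaped character (or the first hex digit of `\XX`)
    } else if (dn[i] === ',') {
      return i;
    }
  }
  return -1;
}

/**
 * Replace the value of a leading `uid=` RDN while keeping the rest of the DN.
 *
 * Unlike a plain `split(",")`, this respects escaped commas inside RDN values
 * and escapes the new value, so a UPN containing DN metacharacters can
 * neither truncate nor inject DN components.
 *
 * @param {unknown} dn - current DN; returned unchanged unless it is a string starting with `uid=`.
 * @param {string} newUid - replacement uid value (unescaped).
 * @returns {unknown} the rewritten DN, or the input when no rewrite applies.
 */
function replaceUidRdn(dn, newUid) {
  if (typeof dn !== 'string' || !dn.startsWith('uid=')) {
    return dn;
  }
  const sep = indexOfRdnSeparator(dn);
  const suffix = sep === -1 ? '' : dn.slice(sep);
  return `uid=${escapeRdnValue(newUid)}${suffix}`;
}

/**
 * Hook: rewrite the LDAP user's uid, and the uid RDN of its `entryDN`/`dn`,
 * to the Azure AD userPrincipalName so the entry can be bound with the UPN.
 *
 * @param {object} ldapuser - the LDAP entry being built; mutated in place.
 * @param {object} [azureuser] - the Azure AD user; ignored when it has no userPrincipalName.
 * @returns {object} the (possibly modified) ldapuser.
 */
customizer.ModifyLDAPUser = function (ldapuser, azureuser) {
  helper.log("customizer", "ModifyLDAPUser", "called", "custom");
  if (azureuser && azureuser.userPrincipalName) {
    const newUid = String(azureuser.userPrincipalName);
    // The attribute keeps the raw value; only the DN strings need RFC 4514 escaping.
    ldapuser.uid = newUid;
    for (const key of ['entryDN', 'dn']) {
      const rewritten = replaceUidRdn(ldapuser[key], newUid);
      // Assign only on change so absent properties are not created as `undefined`.
      if (rewritten !== ldapuser[key]) {
        ldapuser[key] = rewritten;
      }
    }
    helper.log("customizer", "uid set to", ldapuser.uid);
    helper.log("customizer", "entryDN", ldapuser.entryDN);
    helper.log("customizer", "dn", ldapuser.dn);
  }
  return ldapuser;
};

module.exports = customizer;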
How can I alter my deployment so that I can bind and auth using something like
ldapsearch -x -D "[email protected],cn=users,dc=private,dc=local"
instead of
ldapsearch -x -D "uid=test,cn=users,dc=private,dc=local"
That should already work as expected without customizing anything.
If no entry with that uid exists, it looks for the value in the Azure AD userPrincipalName attribute, which is usually the email address / full UPN.