How to use `dn` as "Object uniqueness field"
Describe your question
I am currently evaluating using authentik with an LDAP source. The LDAP server however is custom software and does not have any objectSid, ipaUniqueID or similar field. Thus we would like to simply use the dn of each object as its unique identifier.
Version and Deployment (please complete the following information):
- authentik version: 2023.1.2
- Deployment: docker-compose
Why does one even have to set up a uniqueness field? distinguishedName should be sufficient pretty much always. However, the way it is currently set up seems to make it impossible to use this.
@septatrix Why don't you set the Object uniqueness field option under Directory -> Federation -> Source -> Edit to distinguishedName? That should solve your problem.
Because it does not work; neither dn nor distinguishedName works.
Plus one here. Currently, my workaround is to set up two LDAP sources, one for users and one for groups, setting different object uniqueness fields. While that does work, using the DN would be more elegant. The CN is suggested elsewhere as the uniqueness field for both, but as that's just the clear name in our case for the users, it will eventually cause collisions.
By the way, how can I find out which attributes I can set for that and which not?
My users have a suitable id field, but my groups don't. Isn't there a way to use an expression instead of a field name? =/
How can I use gidNumber as a group object uniqueness field?