Don't ask why, but our internal LDAP is setup to support 3 common name (cn) values. My account, for example, uses chapmar, firstname.lastname@example.org and 43414247. All 3 are valid logins and all authenticate against the same password.
We would like to standardise against the login id, chapmar in the above example. The manual page for LDAP https://confluence.atlassian.com/display/USERMAN/_LDAP+User+Schema+Settings suggests this setting
User Unique ID Attribute
The attribute used as a unique immutable identifier for user objects. This is used to track username changes and is optional. If this attribute is not set (or is set to an invalid value), user renames will not be detected — they will be interpreted as a user deletion then a new user addition.
This should normally point to a UUID value. Standards-compliant LDAP servers will implement this as 'entryUUID' according to RFC 4530. This setting exists because it is known under different names on some servers, e.g. 'objectGUID' in Microsoft Active Directory.
Would this help do you think? Could we setup LDAP so the user can login as any one of the 3 above but all would be treated as the login id? Do you have any example of the usage of this field?
Maybe you can experiment with the User Object Filter. The default filter is
But, you can also have AND and OR conditions in it. There are some examples here
I have not experimented with this but something for you to look at
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot