Wilhelm Meier wrote: > Am Freitag 26 Dezember 2008 schrieb Pierangelo Masarati: >> ----- "Michael Ströder" <[email protected]> wrote: >>> Wilhelm Meier wrote: >>>> is there a way to use the UPN ([email protected]) notation to do >>>> a >>> bind >>> >>>> to the OpenLDAP-Server. >>> Assuming you mean simple bind the answer is no. According to RFC >>> 4511 the name in a BindRequest is a DN. Using the UPN as name is >>> a proprietary violation of LDAPv3 in MS AD. >>> >>>> Or do I have to use the rwm-overlay to map >>>> the bind-string to a valid DN? >>> Not sure whether that would work. >> It would work if you used "[email protected]", as it complies >> with DN syntax. > > Ok, I thought about that, but if you have some silly applications > where you can't compose the connect-string for the bind it would be > rather nice if one can configure the OpenLDAP tu user this upn > notation.
Which applications? Something very AD-specific? Most LDAP-enabled applications can search for user entries by uid or similar and then bind with the user's entry DN as bind DN. Ciao, Michael.
