Thanks Mattias! I suggested that but my LDAP admin had another suggestion
<http://httpd.apache.org/docs/2.2/mod/mod_authnz_ldap.html#AuthLDAPRemoteUserAttribute>
which worked:
AuthLDAPRemoteUserAttribute uid
Now the login name is simply the UID without the OU and DCs.
-Mike
On Sunday, March 22, 2015 at 4:21:05 AM UTC-5, Mattias Vannergård wrote:
>
> For us, it helped adding the attribute "displayName" in the LDAP.
>
> I can also compare your trac.ini-settings with mine tomorrow.
>
> /Mattias
>
> Den lördag 21 mars 2015 kl. 09:35:52 UTC+1 skrev pineapplehandler:
>>
>> Hi,
>>
>> We've got LDAP authentication working via the following code in
>> /etc/trac/apache.conf and when we log in we see the entire LDAP string
>> instead of just the username:
>>
>>
>> <https://lh4.googleusercontent.com/-t8Xu2iCypCw/VQw7acwmFWI/AAAAAAAAAAg/QeL1m0xjorE/s1600/frontPage.png>
>>
>> This happens in the rest of TRAC too, such as when selecting a user to
>> re-assign a ticket. Is there any way to display just the username?
>>
>> Thanks!
>>
>>
>> AuthBasicProvider ldap AuthLDAPUrl
>> "ldaps://ldapServer.xxx/ou=ou=validGroup,dc=mydc,dc=mydc,dc=mydc?uid"
>> AuthLDAPBindDN
>> "uid=AccountWithRights,ou=validGroup,dc=mydc,dc=mydc,dc=mydc"
>> AuthLDAPBindPassword "password"
>> AuthLDAPGroupAttribute member
>> AuthLDAPGroupAttributeIsDN on
>> AuthLDAPRemoteUserIsDN on
>> AuthzLDAPAuthoritative off
>> require ldap-group cn=My_Special_Group,ou=roles,dc=mydc,dc=mydc,dc=
>> mydc
>> require valid-user
>>
>>
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/d/optout.
