Change ldap filter on namcd

Hi,

We need change ldap filter of namcd.

The filter is uid=USER_NAME and we need that filter will be cn=USER_NAME. In actual enviroment, User cn value is diffent a uid value :(

Is possible?
  • I do not have a nam.conf file in front of me to check, but if there is not
    an obvious way within it, you could always change one eDirectory server's
    LDAP attribute mappings to have 'uid' point to the CN value instead of the
    uniqueID value, which would have the same result.


    --
    Good luck.

    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below.

    If you want to send me a private message, please let me know in the
    forum as I do not use the web interface often.
  • rubengc;2467601 wrote:
    Hi,

    We need change ldap filter of namcd.

    The filter is uid=USER_NAME and we need that filter will be cn=USER_NAME. In actual enviroment, User cn value is diffent a uid value :(

    Is possible?


    A bit odd, but I can see if you have an old eDir instance where the issue might be.

    I think somewhere around NWADMIN32 or a certain version of ConsoleOne, Novell made cn=uid when creating users. But prior to that, I think the uid was blank or could be different.

    It's "standard" now in LDAP land I believe for them to be the same.

    At least I'm hoping that's why your cn isn't equal to uid (old accounts created with the older instances of the tools).

    Short term:
    we did what Aaron is suggesting and changed the LDAP server LDAP mapping.

    Long term:
    we fixed the uid fields to be the same as cn (because, as I mentioned, at some point the tools were made so that they were the same).
  • Yes, nwadmin did not set uniqueID (uid via LDAP) but ConsoleOne and later
    did. If you create objects other ways (e.g. LDAP) there is no guarantee
    the value will be set.

    If possible, though, updating uniqueID to have a CN value is trivial with
    a tiny bit of LDAP and scripting. If that would solve the problem, I
    could provide the commands again (I have done so before somewhere in these
    forums).



    --
    Good luck.

    If you find this post helpful and are logged into the web interface,
    show your appreciation and click on the star below.

    If you want to send me a private message, please let me know in the
    forum as I do not use the web interface often.