Page History

...

[main]
ldapRealm.userDnTemplate = uid={0},ou=People, dc=sos

ldapRealm = com.sos.auth.shiro.SOSLdapAuthorizingRealm
ldapRealm.contextFactory.url = ldap://myHost:389 
rolePermissionResolver = com.sos.auth.shiro.SOSPermissionResolverAdapter
rolePermissionResolver.ini = $iniRealm
ldapRealm.rolePermissionResolver = $rolePermissionResolver
securityManager.realms = $ldapRealm

Login with the sAMAccountName but cn is part of the DN

This works with a Microsoft AD that supports domain login.

1. Change the userDnTemplate to ldapRealm.userDnTemplate = uid={0}
2. Add the userSearch 
3. Use domain\user or user@domain for the login where user is the sAMAcountName.

The user template

With authentication you will check for a valid username/password combination. To achieve this, you have to specify the userDnTemplate. The parameters for the userDnTemplate can be read from a user's properties page as shown in the screenshot from an LDAP browser below.

...

Only one template can be specified per realm, separate realms have to be configured for different user templates.

Login with the sAMAccountName but cn is part of the DN

This works with a Microsoft AD that supports domain login.

1. Change the userDnTemplate to ldapRealm.userDnTemplate = uid={0}
2. Add the userSearch 
3. Use domain\user or user@domain for the login where user is the sAMAcountName.

Usernames

...