thank you so much for that information. I have added that to our test server
and I am able to authenticate with both the samaccountname and the
userprincipalname. However, I am only getting attributes when I login with
the samaccountname. I tried adding the user principal name to the <map>
portion of the attribute query, but nothing comes through. would you be
willing to share your deployerconfigcontext.xml section with me?
________________________________________
From: Andrew Morgan [[email protected]]
Sent: Tuesday, February 02, 2016 9:41 AM
To: Stephen Meier
Cc: [email protected]
Subject: Re: [cas-user] Cas Login using UPN or SamAccountName
On Tue, 2 Feb 2016, Stephen Meier wrote:
> Good Morning all,
>
> Does anyone use both or either the UPN or the SamaccountName for their
> users to login?
Sure. We do something similar against our LDAP service. Search against
both attributes, like this:
<property name="filter" value="(|(uid=%u)(eduPersonPrincipalName=%u))" />
in your case:
<property name="filter" value="(|(samaccountname=%u)(userprincipalname=%u))"
/>
Always make sure that there will only be one match though. For example,
don't search for samaccountname on a global catalog server where more than
one domain may have the same samaccountname.
Andy
--
You received this message because you are subscribed to the Google Groups "CAS
Community" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
Visit this group at https://groups.google.com/a/apereo.org/group/cas-user/.
