Comments (2)
Seems more complex than I thought.
My identity claim type is http://...../upn
. I have users from several directories, AD and some 3rd party LDAP.
What I want to configure is:
- In AD, my users have "objectclass=user" and their username is stored in attribute "userPrincipalName"
- In LDAP number 1, they have "objectclass=person" and username is stored in attribute "cn"
- In LDAP number 2, they have "objectclass=inetOrgPerson" and username is stored in attribute "userid"
For AD it is working of course. However I don't find how to configure my LDAP directories.
Is it possible to have such configuration in LDAPCP?
(it seems I cannot have more than one claim type http://...../upn
defined, so the username has to be stored in attribute "userPrincipalName", no matter the directory)
from ldapcp.
Hi @matthieu-bt
Indeed, by default LDAPCP expects that objectclass of users is "user", but you can change this if you delete and recreate the mapping in LDAPCP page "claims mapping".
But as you noticed, you cannot specify a different objectclass based on the LDAP server it is hitting.
In theory, you could specify a different LDAP filter for each LDAP server if you created a custom version of LDAPCP and override method LDAPCP.GetLDAPFilter().
The method sets the LDAP filter per LDAP server.
The query would work as you wish but it would fail later during the processing of the results, because LDAPCP expects that there is 1 objectclass per object type.
Unfortunately, changing the design to fit your need would be a huge work.
The best solution I can think of is to use an objectclass that would fit all LDAP servers, You can set this objectclass in LDAPCP "claims mapping" page for each claim type that represents a user.
Would that be possible?
from ldapcp.
Related Issues (20)
- Replay LDAP query test returned user account result but people picker doesn't return this user account HOT 8
- Target Audience not working for LDAPCP groups added to sharepoint groups HOT 6
- LDAPCP on a non-ADFS federated setup HOT 2
- Domain groups can't be added after resolving it in people picker HOT 5
- LDAPCP on a farm with Windows / Kerberos authentication HOT 2
- need to remove the users with (role) prefix HOT 2
- Using Custom LDAPCP wsp and standard LDAPCP wsp HOT 9
- LDAP Filter for Two Classes HOT 4
- Augmentation does not work with Nintex Workflow and Other third party HOT 4
- Searching by Name on samAccountName HOT 2
- User Can't receive emails HOT 2
- EntraCP claimprovider issue HOT 4
- [LDAPCPSE] After adding a LDAPS connection as second option, going to global config page will error out HOT 21
- LDAPCPSE An item with LDAP newAttribute 'userPrincipalName' and LDAP class 'user' already exists for the object type 'User' HOT 10
- LDAPCP Second Edition - MaxSearchResultsCount. HOT 3
- [LDAPCPSE] question about search result windows size in peoplepicker HOT 4
- Filter on Active user by default HOT 5
- Unable to Connect to LDAP for the following reason: Unknow error (0x80005000) HOT 8
- Security regrading the package HOT 3
- Challenges with User Identification and Activity Logging in LDAPCP on SharePoint 2013 HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from ldapcp.