Active Directory authentication - Allow login with or without @some_domain.com

Answered

Hi.

What do I need to do in order to allow users to log in with the either "username" or with "username@some_domain.com" ? Currently, users are only able to log in using the first one (just "username"). Here are the current settings:

Server URL=ldap://ldap.some_domain.com:389/dc=some_domain,dc=com

Bind DN=%u@some_domain.com

Filter=sAMAccountName=%u

 

 

If I change Bind DN to be just %u, then it will only allow them to log in with the full "username@some_domain.com". I want to allow both. 

Thanks.

1
3 comments
Official comment

Hello Halim, thank you for your question!

It's not currently possible to configure one AD Auth module in the way that you want, but as an option I can suggest you to create two AD Auth modules, one with Bind DN=%u and another one with Bind DN=%u@some_domain.com, other settings will be the same for both modules.

Let me know if you have any further questions, thank you.

Thank you Liubov for your answer. I tried to add another Active Directory auth module but it gave me a message saying "Already exist", so it is not allowing me to add another module with the same server name.

 

0

Hello Halim, I'm sorry for being misleading. It's not possible indeed to have two Auth modules with the same Server URL. I've created a feature request for you in our system, please feel free to vote/comment: https://youtrack.jetbrains.com/issue/JPS-4875

0

Please sign in to leave a comment.