Active Directory authentication - Allow login with or without @some_domain.com
Answered
Hi.
What do I need to do in order to allow users to log in with the either "username" or with "username@some_domain.com" ? Currently, users are only able to log in using the first one (just "username"). Here are the current settings:
Server URL=ldap://ldap.some_domain.com:389/dc=some_domain,dc=com
Bind DN=%u@some_domain.com
Filter=sAMAccountName=%u
If I change Bind DN to be just %u, then it will only allow them to log in with the full "username@some_domain.com". I want to allow both.
Thanks.
Please sign in to leave a comment.
Hello Halim, thank you for your question!
It's not currently possible to configure one AD Auth module in the way that you want, but as an option I can suggest you to create two AD Auth modules, one with Bind DN=%u and another one with Bind DN=%u@some_domain.com, other settings will be the same for both modules.
Let me know if you have any further questions, thank you.
Thank you Liubov for your answer. I tried to add another Active Directory auth module but it gave me a message saying "Already exist", so it is not allowing me to add another module with the same server name.
Hello Halim, I'm sorry for being misleading. It's not possible indeed to have two Auth modules with the same Server URL. I've created a feature request for you in our system, please feel free to vote/comment: https://youtrack.jetbrains.com/issue/JPS-4875