Active Directory authentication - Allow login with or without @some_domain.com

Answered

Hi.

What do I need to do in order to allow users to log in with the either "username" or with "username@some_domain.com" ? Currently, users are only able to log in using the first one (just "username"). Here are the current settings:

Server URL=ldap://ldap.some_domain.com:389/dc=some_domain,dc=com

Bind DN=%u@some_domain.com

Filter=sAMAccountName=%u

 

 

If I change Bind DN to be just %u, then it will only allow them to log in with the full "username@some_domain.com". I want to allow both. 

Thanks.

3 comments
Comment actions Permalink
Official comment

Hello Halim, thank you for your question!

It's not currently possible to configure one AD Auth module in the way that you want, but as an option I can suggest you to create two AD Auth modules, one with Bind DN=%u and another one with Bind DN=%u@some_domain.com, other settings will be the same for both modules.

Let me know if you have any further questions, thank you.

Comment actions Permalink

Thank you Liubov for your answer. I tried to add another Active Directory auth module but it gave me a message saying "Already exist", so it is not allowing me to add another module with the same server name.

 

0
Comment actions Permalink

Hello Halim, I'm sorry for being misleading. It's not possible indeed to have two Auth modules with the same Server URL. I've created a feature request for you in our system, please feel free to vote/comment: https://youtrack.jetbrains.com/issue/JPS-4875

0

Please sign in to leave a comment.