Active Directory userPrincipalName instead of sAMAccountName

138 views
Skip to first unread message

rune.t...@gmail.com

unread,
Jun 17, 2015, 6:38:21 AM6/17/15
to lin...@googlegroups.com
hi guys,

I replaced sAMAccountName with userPrincipalName under my UserIdResolver but I am unable to login via the Self Service Portal.

Am I unable to use anything else than sAMAccountName as username?


br,
Rune

Mirko Ahnert

unread,
Jun 17, 2015, 7:27:29 AM6/17/15
to lin...@googlegroups.com, rune.t...@gmail.com
Hi Rune,

thank you for your report. This is a known issue and will be addressed in the next upcoming patch release of LinOTP.  In case you need the fix badly, we could provide you with a custom patch for your LinOTP version.

Best regards,

Mirko

-- 
Mirko Ahnert 
LSE Leading Security Experts GmbH, http://www.lsexperts.de 
Postfach 100121, 64201 Darmstadt, Germany 
Zentrale: +49 6151 86086-0 , Fax: -299 
Support Hotline: +49 6151 86086-115 
Unternehmenssitz: Weiterstadt Amtsgericht Darmstadt: HRB8649 
Geschäftsführer: Oliver Michel, Sven Walther 

rune.t...@gmail.com

unread,
Jun 17, 2015, 7:43:39 AM6/17/15
to lin...@googlegroups.com, rune.t...@gmail.com
Hi Mirko,
I've just downloaded and am running the latest version available.

The reason I ask is because all our authentication is tied to UPN as it's identical to the users primary email address and they don't forget it easily :)

Our underlying sAMAccountName is in a format that's less easy to remember.

If you have a fix ready and available I'd like a copy, thank you.
br,
Rune

Mirko Ahnert

unread,
Jun 17, 2015, 10:58:33 AM6/17/15
to lin...@googlegroups.com, rune.t...@gmail.com
Hi Rune

you find the patched files as attachement. Please be aware: you apply them at your own risk. To be on the safe site wait for the next official patch release of LinOTP.

Best regards,

Mirko

-- 
Mirko Ahnert 
LSE Leading Security Experts GmbH, http://www.lsexperts.de 
Postfach 100121, 64201 Darmstadt, Germany 
Zentrale: +49 6151 86086-0 , Fax: -299 
Support Hotline: +49 6151 86086-115 
Unternehmenssitz: Weiterstadt Amtsgericht Darmstadt: HRB8649 
Geschäftsführer: Oliver Michel, Sven Walther 


repoze_auth.py
user.py

Rune Tipsmark

unread,
Jun 17, 2015, 3:18:54 PM6/17/15
to Mirko Ahnert, lin...@googlegroups.com
hi Mirko,
Thanks for the patch files, I will try them out - what is the ETA for the next version of LinOTP?
br,
Rune

rune.t...@gmail.com

unread,
Apr 23, 2016, 11:13:08 AM4/23/16
to LinOTP, rune.t...@gmail.com, Mirko Ahnert
hi Mirko,

Just installed the latest version and out of the box unable to log in to self service using UPN. I did modify the username attribute to userPrincipalName and removed SplitAtSign checkbox.

sAMAccountName works just fine, but how to I set it up in the latest version to accept userPrincipalName.

br,
Rune

Rune Tipsmark

unread,
Apr 24, 2016, 9:37:14 AM4/24/16
to LinOTP, Rune Tipsmark, Mirko Ahnert
nevermind, I changed a few things back and forth and restarted apache2 and now it works ... :)
Reply all
Reply to author
Forward
0 new messages