Forgotten Username LDAP Attribute


edw...@umd.edu

Feb 3, 2017, 12:52:24 PM
to pwm-general
I posted this yesterday but I am now correcting what I should have been asking.
I am trying to enable users to search for their forgotten username by email, which then displays or sends them their account name.

After comparing the v.1.7 and v.1.8 config files, I see that v.1.8 does not have the option for Forgotten Username LDAP Attribute. Is there another way (feature) that I can get the same functionality?

This is what v.1.7 config looks like:

<setting key="forgottenUsername.form" syntax="LOCALIZED_STRING_ARRAY">
<label>Forgotten Username Form</label>
<value><![CDATA[mail:Email Address:email:3:50:true:false]]></value>
</setting>
<setting key="forgottenUsername.searchFilter" syntax="STRING">
<label>Forgotten Username Search Filter</label>
<value><![CDATA[(&(objectClass=person)(mail=%mail%))]]></value>
</setting>
<setting key="forgottenUsername.usernameAttribute" syntax="STRING">
<label>Username LDAP Attribute</label>
<value><![CDATA[sAMAccountName]]></value>
</setting>

This is what v.1.8 config looks like:

<setting key="forgottenUsername.enable" syntax="BOOLEAN" syntaxVersion="0" modifyTime="2017-01-25T16:33:58Z">
<label>Enable Forgotten User Name</label>
<value>true</value>
</setting>
<setting key="forgottenUsername.sendUsername.sendMethod" syntax="SELECT" syntaxVersion="0" modifyTime="2017-01-25T16:34:25Z">
<label>User Name Send Method</label>
<value><![CDATA[EMAILONLY]]></value>
</setting>
<setting key="forgottenUsername.searchFilter" syntax="STRING" syntaxVersion="0" modifyTime="2017-01-25T16:34:44Z">
<label>Forgotten User Name Search Filter</label>
<value><![CDATA[(&(objectClass=person)(mail=%mail%))]]></value>
</setting>

Thank you.

edw...@umd.edu

Feb 3, 2017, 3:34:55 PM
to pwm-general, edw...@umd.edu
For clarification, I am able to log in to PWM with the account name and password and not the email address.

jason.e...@gmail.com

Feb 11, 2017, 3:02:55 PM
to pwm-general, edw...@umd.edu
Not sure where you are looking. In the GUI config under the 'Forgotten Username' module there is the 'Forgotten Username Form', where you can specify attributes that are used to search for the username, and then below is the send method. Do you not have that, or am I not understanding? I am using a 1.8 build from a while back.

Jason

jason.e...@gmail.com

Feb 11, 2017, 3:12:45 PM
to pwm-general, edw...@umd.edu
I pulled this from ours, modified a little of course:

<setting key="forgottenUsername.form" syntax="FORM" syntaxVersion="0">
<label>Forgotten Username Form</label>
<value>{"name":"someAttributeID","minimumLength":9,"maximumLength":9,"type":"text","required":true,"confirmationRequired":false,"readonly":false,"unique":false,"labels":{"":"ID"},"regexErrors":{"":""},"description":{"":""},"selectOptions":{}}</value>
<value>{"name":"sn","minimumLength":2,"maximumLength":50,"type":"text","required":true,"confirmationRequired":false,"readonly":false,"unique":false,"labels":{"":"Last Name"},"regexErrors":{"":""},"description":{"":""},"selectOptions":{}}</value>
</setting>

edw...@umd.edu

Feb 13, 2017, 10:33:57 AM
to pwm-general, jason.e...@gmail.com
Hello Jason,

Thank you very much for your assistance. I was able to add your setting to my config in order to get the forgotten username form.
I'm still getting the issue of PWM displaying the user's email address instead of the user's account-name when I search for the Forgotten Username.

Edwin

jason.e...@gmail.com

Feb 13, 2017, 9:36:15 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
So in the GUI config do you not see the forgottenUsername module? If not, you might want to delete the war, cache, and wwwroot and redeploy. I pasted the entire contents for forgottenUsername, a little modified again of course:

<setting key="forgottenUsername.searchFilter" syntax="STRING" syntaxVersion="0">
<label>Forgotten Username Search Filter</label>
<value><![CDATA[(&(objectClass=person)(sn=%sn%)(someAttributeID=%someAttributeID%))]]></value>
</setting>
<setting key="forgottenUsername.usernameAttribute" syntax="STRING">
<label>Username LDAP Attribute</label>
<default />
</setting>
<setting key="forgottenUsername.sendUsername.sendMethod" syntax="SELECT" syntaxVersion="0">
<label>Username Send Method</label>
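
An added example (not part of the thread and not PWM's own code): an offline check that every %placeholder% in the search filter has a matching field in the Forgotten Username Form, and that a submitted value is length-checked and RFC 4515-escaped before it is placed in the filter. The function names, the token pattern and the sample inputs (trimmed from the settings quoted above) are assumptions; how PWM itself expands the filter is not shown in the thread.

```python
import json
import re

# Constructed inputs, trimmed from the settings quoted in this thread.
FORM_VALUES = [
    '{"name":"someAttributeID","minimumLength":9,"maximumLength":9,"type":"text","required":true}',
    '{"name":"sn","minimumLength":2,"maximumLength":50,"type":"text","required":true}',
]
SEARCH_FILTER = "(&(objectClass=person)(sn=%sn%)(someAttributeID=%someAttributeID%))"

# Assumed placeholder syntax: %fieldName%, as used in the quoted filters.
TOKEN = re.compile(r"%([A-Za-z][A-Za-z0-9;-]*)%")
# RFC 4515: these characters must be written as \XX hex escapes in a filter value.
ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def load_form(values):
    """Map field name -> field definition from the JSON <value> entries."""
    return {f["name"]: f for f in map(json.loads, values)}


def lint(form, template):
    """Return (placeholders with no form field, form fields never used)."""
    tokens = set(TOKEN.findall(template))
    return sorted(tokens - set(form)), sorted(set(form) - tokens)


def escape_value(value):
    """Escape one submitted value for use inside an LDAP filter assertion."""
    return "".join(ESCAPES.get(ch, ch) for ch in value)


def expand(form, template, submitted):
    """Validate submitted values against the form, then fill the template."""
    for name, field in form.items():
        value = submitted.get(name, "")
        if field.get("required") and not value:
            raise ValueError(f"{name}: required")
        if value and not field["minimumLength"] <= len(value) <= field["maximumLength"]:
            raise ValueError(f"{name}: length out of range")
    return TOKEN.sub(lambda m: escape_value(submitted.get(m.group(1), "")), template)
```

Running `lint` with this form against the mail-based filter from the first post reports `mail` as a placeholder with no form field, which is the kind of mismatch that appears when a form and a filter are copied from different configs.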

edw...@umd.edu

Feb 15, 2017, 11:18:57 AM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
Hello Jason,

Thank you again. I was looking at the forgotten username module in the GUI config of v1.7.1 and v1.8.0.

v1.8.0 is missing the Username LDAP Attribute which is available in v1.7.0.

Everything else works fine but this feature is critical in my environment. I hope that my explanation makes sense.

Edwin

Jason Rivard

Feb 15, 2017, 12:49:38 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
You can use the setting 'Forgotten User Name Message' to show any information/attributes you desire to the user.

jason.e...@gmail.com

Feb 17, 2017, 9:27:31 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
Hmmm... I can set the LDAP attribute for username; see my screenshot. The only thing I can think of is that it was removed in later builds.

http://imgur.com/a/ooORR


jason.e...@gmail.com

Feb 17, 2017, 9:32:25 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
Forgot to remove personal info!! Here is the updated image:

http://imgur.com/a/Qtv7i

Jason Rivard

Feb 18, 2017, 5:35:24 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
Yes, it was removed because it's redundant for the Forgotten User Name Message setting.

jason.e...@gmail.com

Feb 19, 2017, 4:33:43 PM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu
Can you still define the username attribute at the directory level?

edw...@umd.edu

Feb 27, 2017, 9:51:03 AM
to pwm-general, jason.e...@gmail.com, edw...@umd.edu

Thank you Jason, I was able to make a few changes and I now have access to forgotten password and forgotten username functionality.
