Novell is now a part of Micro Focus

Providing Unique IDs with ConsoleOne

Novell Cool Solutions: Tip
By Mitch Mitchell

Digg This - Slashdot This

Posted: 4 May 2005


"... a great tip - and a solution that is frequently missed, even by the experts. Thumbs up!
--Jim Henderson, eDirectory Product Specialist

You have eDirectory users created that do not contain the uniqueID attribute. You are trying to use a Web application or other application that requires LDAP authentication. Some users can authenticate, but the users that do not have the uniqueID attribute cannot authenticate.


Using ConsoleOne, modify the LDAP Group Attribute mappings so that the uniqueID, userid, and uid map directly to the CN. This eliminates the need of populating the uniqueID attribute on your user objects.

To do this,

  1. Load ConsoleOne.
  2. Go to the properties of the LDAP Group object for the LDAP server(s) you will be querying against.
  3. Click the Attribute Mappings tab.
  4. Delete the uniqueID attribute.

  5. Figure 1: Deleting the uniqueID attribute

  6. Modify the existing CN attribute and add uid, uniqueID, and userid as Secondary LDAP Attributes.

  7. Figure 2: Adding Secondary LDAP Attributes

Now when you do an LDAP query for uid, uniqueID or userid, they will all respond with the CN. You no longer need to have the uniqueID populated! Unless you normally have the uniqueID as something different from the CN, this attribute mapping procedure is a very easy way to solve the problem.

Note: This Cool Solutions tip is a response to another one that was posted earlier:

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions.

© Copyright Micro Focus or one of its affiliates