Providing Unique IDs with ConsoleOne
Novell Cool Solutions: Tip
By Mitch Mitchell
Digg This -
Posted: 4 May 2005
"... a great tip - and a solution that is frequently missed, even by the experts. Thumbs up!
You have eDirectory users created that do not contain the uniqueID attribute. You are trying to use a Web application or other application that requires LDAP authentication. Some users can authenticate, but the users that do not have the uniqueID attribute cannot authenticate.
Using ConsoleOne, modify the LDAP Group Attribute mappings so that the uniqueID, userid, and uid map directly to the CN. This eliminates the need of populating the uniqueID attribute on your user objects.
To do this,
- Load ConsoleOne.
- Go to the properties of the LDAP Group object for the LDAP server(s) you will be querying against.
- Click the Attribute Mappings tab.
- Delete the uniqueID attribute.
- Modify the existing CN attribute and add uid, uniqueID, and userid as Secondary LDAP Attributes.
Figure 1: Deleting the uniqueID attribute
Figure 2: Adding Secondary LDAP Attributes
Now when you do an LDAP query for uid, uniqueID or userid, they will all respond with the CN. You no longer need to have the uniqueID populated! Unless you normally have the uniqueID as something different from the CN, this attribute mapping procedure is a very easy way to solve the problem.
Note: This Cool Solutions tip is a response to another one that was posted earlier: http://www.novell.com/coolsolutions/tip/14752.html
Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com