Authenticating to SSPR using custom attributes

  • 7012733
  • 27-Jun-2013
  • 27-Jun-2013

Environment

Self Service Password Reset
SSPR 2.0 

Situation

Configuring SSPR to authenticate with custom attributes
How to login to SSPR with something other than the standard user id. 
Login to the SSPR authentication page using a custom attribute such as 'myCurrentName'

Resolution

 
 
SSPR can be configured to use any attribute,  including custom attributes.  
This is done through the SSPR config manager by setting -> LDAP -> Username Search Filter (Advanced).  
For example, replace the default string in the Username Search Filter with something like this:
 
(&(objectClass=inetOrgPerson)(myCurrentName=%USERNAME%)
 
or like this:
 
(&(objectClass=person)(|(myCurrentName=%USERNAME%)(samAccountName=%USERNAME%)(cn=%USERNAME%)))

Additional Information

Note that the custom attribute 'myCurrentName' shown in this example was even part of a custom objectClass, 'myPerson.'