Environment
Self Service Password Reset
SSPR 2.0
Situation
Configuring SSPR to authenticate with custom attributes
How to login to SSPR with something other than the standard user id.
Login to the SSPR authentication page using a custom attribute such as 'myCurrentName'
Resolution
SSPR can be configured to use any attribute, including custom attributes.
This is done through the SSPR config manager by setting -> LDAP -> Username Search Filter (Advanced).
For example, replace the default string in the Username Search Filter with something like this:
(&(objectClass=inetOrgPerson)(myCurrentName=%USERNAME%)
or like this:
(&(objectClass=person)(|(myCurrentName=%USERNAME%)(samAccountName=%USERNAME%)(cn=%USERNAME%)))
Additional Information
Note that the custom attribute 'myCurrentName' shown in this example was even part of a custom objectClass, 'myPerson.'