Hi all,
I have configured the LDAP authenticator, which works really well.
Except - the user properties are not synced (first_name, last_name, email), and the user name in XWiki is a clean version of the “uid” field of LDAP (which contains my email address), and not the “cn” field (which contains my name).
Any ideas what I could do differently? My configuration is here: https://is.gd/EfYvwc
Cheers!
Axel.
Well that’s not what you said in the configuration:
xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail
I guess sn and givenName are not the right LDAP fields ?
so, finally I get around to answer. Yes, those are the right fields, I checked with ldapsearch.
Our LDAP uid is numerical, usually. So I modified the UID_attr field to be pkUsername, which is a custom LDAP field we use for a unique but textual username, consisting of a-z and “.”. The “cn” field contained spaces (a readable user name, which was probably the wrong choice.
Then I logged in again with my credentials, and my display name did not get updated. I don’t really get how this should behave, whether I get a new user or a changed display name. but both didn’t happen.
I also see a lot of “encoding” exceptions in the logs.
any ideas?