LDAP usernames and properties

Hi all,

I have configured the LDAP authenticator, which works really well.

Except - the user properties are not synced (first_name, last_name, email), and the user name in XWiki is a clean version of the “uid” field of LDAP (which contains my email address), and not the “cn” field (which contains my name).

Any ideas what I could do differently? My configuration is here: https://is.gd/EfYvwc


Well that’s not what you said in the configuration:


I guess sn and givenName are not the right LDAP fields ?

so, finally I get around to answer. Yes, those are the right fields, I checked with ldapsearch.

Our LDAP uid is numerical, usually. So I modified the UID_attr field to be pkUsername, which is a custom LDAP field we use for a unique but textual username, consisting of a-z and “.”. The “cn” field contained spaces (a readable user name, which was probably the wrong choice.

Then I logged in again with my credentials, and my display name did not get updated. I don’t really get how this should behave, whether I get a new user or a changed display name. but both didn’t happen.

I also see a lot of “encoding” exceptions in the logs.

any ideas?