Hi
We have an xwiki installation with xwiki users authenticated by idm, we are now moving to AD for authentication. The problem is that for some users a new account is created instead of using the existing one with the same name. This only happens when the user name has changed between the 2 auth methods, yet all details in xwiki are the same, a user “name_1” is created.
I figure there must be some configuration that would avoid this, but several days of reading, google and testing and I’m out of ideas
There is not really any configuration for what you want to do right now.
LDAP users contains an object with the user uid so the LDAP authenticator reuse a user profile page only if it contains an object with the same uid, otherwise it creates a new page to not break the other user.
So if you want to reuse a user page with a specific LDAP uid you will need to make sure this page contains an object of type XWiki.LDAPProfileClass
with the right uid in it (the DN is stored, but it’s not really used to match a page to reuse, so you don’t need to set/update it).
say I have 2 users, fred.user1 & joe.user2, when I look at the classes on the profile page for both, they have xwiki.freduser1 & xwiki.joeuser2 yet, with auth = AD, when I login as fred freduser_1 is created, login as joe.user2 and the existing user is used
I’m not really sure what you mean, those don’t look like LDAP uids.
What login string do you use in the login form and what value do you see in the field LDAP user unique identifier
of the object LDAPProfileClass 0
(you need to click it to open it) ?
LDAPProfileClass says uid
for my examples I would enter fred.user1 on the login and it would create freduser1_1 as a new user instead of the existing freduser1 login, if I login as joe.user2 the existing user account joeuser2 is used
thats for the pointers, I found the LDAP unique user identifier within XWiki.LDAPProfileClass:0 for the fred was wrong