3 Replies Latest reply on Aug 5, 2009 4:21 PM by SafeBoot

    User Attributes - AD Connector

      I'm tryin to use one of the following attributes for the "user name" field:

      mail
      mailNickname
      userPrincipalName

      The only one that seems to work is: SAMAccountName

      Whoever set this domain up previously had no naming convention for the user account names. The only consitency is one of the three I mention above.

      Please advise.

      Thank you.
        • 1. RE: User Attributes - AD Connector
          you need to qualify what "The only one that seems to work is" means - what is not working about using the others?

          I must admit I had a look in my AD, and I don't have the mailNickName attribute - my AD is quite old though. I only have the mail attribute in some accounts.

          are you sure they exist in your directory? Did you check with LDAPBrowser that they are exposed?

          the connector log should give you a hint as to what's going wrong - perhaps post a fragment here showing the problem?
          • 2. RE: User Attributes - AD Connector
            "Invalid string" on all 3 LDAP attribute besides SAMAccountName


            Side note:
            Also, I get "No group mapping" for some users in the MemberOF on the Group mappings.
            Half work, the other's do not (all are in the same OU)

            Oh, and yes, LDAP browser has the attributes.
            • 3. RE: User Attributes - AD Connector
              memberOf attributes are case sensitive - you must specify then exactly.

              I would poke around with the LDAP browser re the other attributes - maybe some 3rd party plugin has indeed corrupted them, or perhaps they are missing for the accounts you're trying to add.

              Group mappings and OU memberships are completely different things - there's no real relationship between them. An OU is a container, whereas a group is a relationship.

              Yes, I know that makes little sense, but that's common with AD wink