We are doing LDAP authentication against two AD domains. One works fine because the samaccountname and the CN are the same. The other AD domain has Lastname/, Firstname for the CN. But the samaccountname has the actual login userid. But since the CN is what is part of the DN, that is what shows up in the logs. How can I get the samaccountname to show up in the logs for that one domain?
I have an idea of how to do this, but I'd want to work it into the rules correctly.
Do you have a case started, and have you sent in a feedback? If so, let me know the SR.
Please start a case if you have not. Please do NOT upload a feedback here.
For future reference, here is what we came up with:
This ruleset allowed us to authenticate against two LDAP directories (LDAP1 and LDAP2), and rewrite the usernames from the full DN syntax (cn=administrator,cn=users,dc=vegas,dc=local) to the simple string (administrator).