Re: ADAM Bind attribute question

From: Lee Flight (lef_at_le.ac.uk-nospam)
Date: 02/23/05 

Date: Wed, 23 Feb 2005 22:58:06 -0000

Hi Jim

you could have ADAM users bind by uid if you had uid as the
rDNAttID in the class definitions at the time you created the classes.
I have tried it and it does work but I do not have it in production
so I could not guarantee it as a totally safe thing to do.

If you have existing instances, you would pretty much have to tear
down your existing instance and rebuild.

If you do try a test scenario you would need to be aware of the
exiting uid attribute definition in the MS-User.ldf, if you use that
class. That attribute is multivalued and not indexed, whereas you would
probably want it single-valued and indexed.

One other thing, in ADAM you can bind by userPrincipalName, which is
just a (2.5.5.12) unicode string, so if you are not using that attribute
already
you could populate with the uid string

 smithj

or even a string (note this just a string not a DN)

 uid=smithj,ou=users,dc=domain,dc=org

and a simple bind to either of those should work. The string that looks
like a DN might get you out of a hole if the client application was hard
coded for a DN of that form, but I'm not seriously recommending it,
consider it a curiousity...

HTH
Lee Flight

"Jims" <biz@neocasa.net> wrote in message
news:OLGFUReGFHA.3916@TK2MSFTNGP12.phx.gbl...
> Is it possible to change the bind dn attribute in ADAM? For instance, our
> userprox y and user objects currently have to bind with
> cn=smithj,ou=users,dc=domain=dc=org. Can we change this so they would
> bind with uid=smithj,ou=users,dc=domain,dc=org?
> Thanks,
> Jim
>

Relevant Pages

  • Re: ADAM Bind attribute question
    ... You should use userPrincipalName in place of UID. ... userPrincipalName is a freeform string that you can use to bind. ... Unfortunately, ADAM does not support attribute aliasing, so you'll have to ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM Bind attribute question
    ... Because we are migrating from IPlanet to ADAM, ... inquiries from our developers why they can't bind to uid like with Iplanet. ... > just a unicode string, so if you are not using that attribute ...
    (microsoft.public.windows.server.active_directory)
  • Re: How Redirect ADAM to AD ?
    ... To use a simple bind, you must create bind proxy objects in ADAM for your AD ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... LDAP bind, then a bind proxy is what you want to create. ...
    (microsoft.public.windows.server.active_directory)
  • Re: adam bind-redirect
    ... could benefit from bind redirect/User Proxy Object ... The store for Azman will also be an ADAM. ... > They have there own SSO solution thats similar to forms authentication. ...
    (microsoft.public.windows.server.active_directory)
  • Re: ADAM Sign in Problem
    ... Are you trying to do simple bind with a Windows user? ... By default, ADAM can ... exist in the Adam Instance and ist not disabled. ... account is disabled due a password that does not conform to the ...
    (microsoft.public.windows.server.active_directory)
Loading