LDAP authentication issue


#1

Greetings all,

I have an issue with MIQ authenticating against our AD controllers - For years our UPN was set to our users GUID’s, 6 months ago this was changed to firstname.lastname due to a requirement for Office 365.

MIQ is the only product in our enterprise where users now have to logon using their firstname.lastname. All other systems preform their authentication using the account attribute SAMAccount. (Not available in MIQ).

I can see from an LDAP browser that cn=GUID,which is great and I can see that MIQ supports CN distinguished name, however I can only get MIQ to authenticate using a user’s GUID if I specify the full OU path to a user’s ID.

E.g OU=UK-London, OU=Provisioned, OU=Users,DC=acme,DC=global,DC=com

The issue with that is our users are dotted around all over our AD. If I just
specify pbi,DC=acme,DC=global,DC=com MIQ returns username or password is incorrect.

Is there any way I can get the CN user type to propagate down the directory tree starting at the root? Like the UPN user type?

Thanks,
Simon


#2

@abellotti Would you please take a look at this issue?