i just switched from a custom postgres database to ldap now i have finally managed to let all our services authenticate against ldap with the uid field.
However I think There are a few missing options one should be able to configure:
different basedn for users and groups (makes sense as we serve some external users too and now i have about 60 Groups where 10 would be enough)
ability to specify a login attribute as well as a jid attribute (like we have uid for login and mailRoutingAddress as JID - both single valued)
This could imho be handled by providing a switch/filter/variable that let’'s you do some more with the loginname you get from the client (e.g providing the localpart and domainpart separated as well as - for ease of use only but would be nice - the fully qualified name).
References to that are spread all over the forums but I couldn’‘t find a workaround (I’'m no coder :/) to do that.
using openldap here so I can’‘t speak for the AD people but I guess it’'ll just boil down to a ldap connection in essence
thanks hoping for it in the next release.
great work guys. I’'m actually trying to talk my bosses into buying the commercial version