I understand that if you try to authenticate with an email address, e.g. me@server.com, LDAP assumes there is a user "me" in a domain "server.com" (i.e. DC=com,DC=server) in the LDAP directory.
I wonder if it is possible at all to have users use their own email accounts (like me@gmail.com) to log in to my LDAP server even though I don't have all their email address domain names defined as domains in my LDAP directory?
Any pointers appreciated.
Best Answer
This question probably needs more specifics, like what software is performing the auth, what LDAP server is it authing against? Generally speaking, you can do whatever the heck you want to allow yourself to do in LDAP.
My thinking would be:
dn: uid=me,dc=server,dc=com
And then me has an attribute:
emailAddress=me@gmail.com
For this latter case, if you were using Apache to auth, you might have a configuration like this:
Here, Apache would search for a user with emailAddress=me@gmail.com, and log in user me using that address.
-danny
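The search-then-bind lookup the answer describes, as an added Python example that is not part of the original answer or of any Apache module: the supplied address is escaped before it goes into the search filter, and the lookup only yields a DN to bind as when exactly one entry matches. The in-memory directory, the function names and the case-insensitive comparison are assumptions made for illustration.

```python
# Added example: search-then-bind lookup by an e-mail attribute (stdlib only).
# ATTR, SAMPLE_DIRECTORY and the function names are assumptions for illustration.

ATTR = "emailAddress"  # attribute name used in the answer above

# Constructed sample directory: DN -> attributes
SAMPLE_DIRECTORY = {
    "uid=me,dc=server,dc=com": {"uid": "me", ATTR: "me@gmail.com"},
    "uid=bob,dc=server,dc=com": {"uid": "bob", ATTR: "bob@example.org"},
    "uid=bob2,dc=server,dc=com": {"uid": "bob2", ATTR: "bob@example.org"},
}

# RFC 4515 special characters and their escaped forms
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value: str) -> str:
    """Escape the RFC 4515 special characters in a filter assertion value."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_email_filter(email: str) -> str:
    """Filter a client would send in the search step."""
    return f"({ATTR}={escape_filter_value(email)})"


def resolve_dn(directory: dict, email: str):
    """Search step: return the single DN whose e-mail attribute equals `email`.

    Returns None when nothing matches or when more than one entry matches,
    so an ambiguous address never selects an account to bind as.
    Comparison is case-insensitive (an assumption about the attribute's
    matching rule).
    """
    wanted = email.strip().lower()
    if not wanted:
        return None
    matches = [dn for dn, attrs in directory.items()
               if attrs.get(ATTR, "").lower() == wanted]
    return matches[0] if len(matches) == 1 else None


if __name__ == "__main__":
    for login in ("me@gmail.com", "bob@example.org", "*"):
        print(login, "->", build_email_filter(login), "->",
              resolve_dn(SAMPLE_DIRECTORY, login))
```

The password check itself is the bind that follows, performed as the returned DN against the real server; this sketch covers only the lookup that precedes it.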