FBA + Ldap Authentication: Email as the username

  • Question

  • I have a web application configured with FBA and LDAP. It is working as expected and users are able to log in, but they have to use their username, not their email address. What changes do I need to make to allow users to log in using their email addresses? The following is the membership config:

    <add name="LdapMember"
         type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
         server="xxxx.xxxx.com"
         port="389" useSSL="false"
         userDNAttribute="distinguishedName"
         userNameAttribute="sAMAccountName"
         userContainer="dc=xxxx,dc=com"
         userObjectClass="person"
         userFilter="(ObjectClass=person)"
         scope="Subtree"
         otherRequiredUserAttributes="sn,givenname,cn" />

    I have tried adding the attributeMapUsername="userPrincipalName" and confirmed userPrincipalName is where we store email addresses. Any help will be much appreciated.

    Thanks!

    Tuesday, January 8, 2013 9:20 PM

Answers

  • The "userNameAttribute" needs to be "mail" and not "sAMAccountName".

    See here for an example using mail as the attribute:

    http://sharepoint.nauplius.net/2012/11/sharepoint-2010-and-2013-sample-active-directory-lightweight-directory-services-configuration-files/


    SharePoint - Nauplius Applications
    Microsoft SharePoint Server MVP
    MCITP: SharePoint Administrator 2010

    -----------------------
    This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs.

    • Proposed as answer by Ivan Sanders Thursday, January 10, 2013 2:24 AM
    • Marked as answer by birixiote Thursday, January 10, 2013 2:58 AM
    Tuesday, January 8, 2013 10:08 PM
    Moderator

All replies

  • Thanks Trevor, that worked. I used userPrincipalName instead of mail though.
    Thursday, January 10, 2013 2:58 AM
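
The provider entry from the question with the change described in the replies applied, shown as an added example that is not part of any post in the thread. The server and container values are the question's own redacted placeholders, and the remark about LDAPS on port 636 is an assumption about the environment, not something the thread states.

```xml
<!-- Added example: the question's membership provider entry with only
     userNameAttribute changed. "userPrincipalName" is the value the asker
     reported using; the accepted answer suggests "mail" for directories
     that keep the address in that attribute instead. -->
<!-- userDNAttribute stays "distinguishedName": the login name typed by the
     user is only used to find the account, so every other attribute is
     left exactly as posted. -->
<!-- port="389" with useSSL="false" is kept as posted, which means the
     connection to the directory is not wrapped in TLS. Where the directory
     offers LDAPS (assumption: standard port 636), useSSL="true" with
     port="636" is the setting to evaluate for a login provider. -->
<add name="LdapMember"
     type="Microsoft.Office.Server.Security.LdapMembershipProvider, Microsoft.Office.Server, Version=14.0.0.0, Culture=neutral, PublicKeyToken=71e9bce111e9429c"
     server="xxxx.xxxx.com"
     port="389"
     useSSL="false"
     userDNAttribute="distinguishedName"
     userNameAttribute="userPrincipalName"
     userContainer="dc=xxxx,dc=com"
     userObjectClass="person"
     userFilter="(ObjectClass=person)"
     scope="Subtree"
     otherRequiredUserAttributes="sn,givenname,cn" />
```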