Ubuntu SSSD LDAP authenticate with username & email address

massoo

Hello,

As of now I am able to authenticate with the OneLogin VLDAP service using the username. I would also like to authenticate with the email address in addition to the username.

Some of the users are created with their email address as their username, and I am unable to authenticate against LDAP with these email addresses as their usernames.

The /etc/sssd/sssd.conf is : https://pastebin.com/raw/jMzmRFC4

The /etc/nsswitch.conf is : https://pastebin.com/raw/s8Eap6HP

The /var/log/sssd/sssd_domain.com.log is :

part#1/3 : https://pastebin.com/raw/mwpcCDx3

part#2/3 : https://pastebin.com/raw/UxfzxkNJ

part#3/3 : https://pastebin.com/raw/VLNTyCzf


BTW: the usernames are:
Working Case: username = abc123
Not Working Case: usernames = [email protected], [email protected], [email protected] (email address of ldapuser01), [email protected] (email address of ldapuser02)

The user [email protected] has never authenticated in the system and hence nothing is cached

Please help to resolve this.

I also observed that even after keying in the password twice, we cannot log in to the Ubuntu GUI; it just returns to the screen to key in the password. Sometimes it succeeds after 2 attempts, and sometimes after 3 attempts.

The OneLogin VLDAP services are configured as: Virtual distinguished name Virtual DN: cn=email,ou=users,dc=mysubdomain,dc=onelogin,dc=com User Identifier (cn)

Note: When

a. "ldap_user_name = username" in [domain/mydomain.com], we can authenticate with username

b. "ldap_user_name =" in [domain/mydomain.com] blank or the whole line is commented, we cannot authenticate with any user account (username or mail address)

c. "ldap_user_name = mail" in [domain/mydomain.com], we can authenticate with username

How to resolve this?
 
