LDAP Query

PSGITech
I am in the process of setting up an SSO with SAML. It's asking me for an LDAP attribute for an LDAP query that can query my AD for account name. Any idea what that would be?
Top Expert 2013
Commented:
I'm guessing it wants either samaccountname or userPrincipalName

Good page that shows attribute names behind ADUC: http://www.selfadsi.org/user-attributes.htm

Thanks

Mike
Vipin Vasudevan, Infrastructure Specialist

Commented:
(&(objectCategory=person)(objectclass=User)(samaccountname=*)) will query the user account with samaccount name

You can use CN, UPN or mail for querying users.
You'll probably need to configure settings similar to this:
Search Scope: subtree
Search base: dc=yourdomain,dc=com
Depending on how you tell it what query to use, it may need something like this: (&(samaccountname=%s)(objectClass=user))

Use samaccountname if you want the users to use their username, use userprincipalname if you want them to use (what is usually) their email address.
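
Added example, not part of the original thread or any poster's code: a Python sketch that fills the %s in the filter template quoted above with the login value, escaped per RFC 4515 so it is always matched as a literal. The userprincipalname template and the function names are assumptions made for illustration.

```python
"""Fill the thread's AD filter template with an RFC 4515-escaped login."""

# Templates in the form quoted in the thread; %s receives the login value.
# The userprincipalname variant is an assumed counterpart for UPN logins.
TEMPLATES = {
    "samaccountname": "(&(samaccountname=%s)(objectClass=user))",
    "userprincipalname": "(&(userprincipalname=%s)(objectClass=user))",
}

# Characters RFC 4515 requires to be escaped inside a filter value.
_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def escape_filter_value(value: str) -> str:
    """Escape one character at a time so nothing is escaped twice."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(login: str, attribute: str = "samaccountname") -> str:
    """Return the search filter for a single login name."""
    if attribute not in TEMPLATES:
        raise ValueError("unsupported lookup attribute: %r" % attribute)
    if not login:
        raise ValueError("login must not be empty")
    return TEMPLATES[attribute] % escape_filter_value(login)


if __name__ == "__main__":
    # Constructed sample logins, not taken from the thread.
    samples = [
        ("jdoe", "samaccountname"),
        ("smith (contractor)", "samaccountname"),
        ("*", "samaccountname"),
        ("jdoe@yourdomain.com", "userprincipalname"),
    ]
    for login, attribute in samples:
        print(build_user_filter(login, attribute))
```

If the SSO product performs the %s substitution itself, the escaping is its responsibility; a quick check is to confirm that a login of * does not match any account.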
Leon Fester, Senior Solutions Architect

Commented:
Post a screenshot of the screen that's asking you the question.
Would be easier to find the correct answer.

Or maybe this link will help:
http://en.wikipedia.org/wiki/SAML_2.0
Premkumar Yogeswaran, Sr. Analyst - System Administrator

Commented:
For LDAP search in SAML, refer to this link:

http://lists.forgerock.org/pipermail/openam/2011-December/004202.html

Hope this helps,

Regards,
Prem
