What's the difference in using distinguished name with cn or uid when logging into LDAP?

Question

I\'m running into a problem using LDAP to authenticate logins.

We are using a Novell edirectory for authentication of other applications like Jira. ( Jira works perf

Answer 1

The naming attribute is up to the person making the object. However by default most eDirectory tools set it as cn=. If you want, you can create objects as uid= in your eDirectory. It would be hard to convert existing users.

Many LDAP tools that make this assumption will allow you to specify what the naming attribute might be.

Your app is making a bad assumption.

You can add a UID value on each object, the same as the CN, but that would not help since it is not then a naming attribute.

In other words, if the application was doing a query for (uid=XXXXXXXX) then adding a uid value that matches CN would help.

If however it is doing a bind as a specific user, as uid=XXXXXXXX,ou=users,o=mycompany that won't help.