1

Here is my question. Can LDAP reference the current Active Directory user name rather than the Pre-Windows 2000 name? Here are the details of the question.

We have a new Windows 2008 Server R2 running our vendor's municipal payroll and general ledger whose user names are case sensitive.

Our vendor did what they called an LDAP-synch from our Active Directory (Windows Server 2003 R2) to our new server. What we have found is that the LDAP-synch used the Pre: Windows 2000 name, not the current user name. Here is an example.

In our vendor's application, they flatten the user name to lower-case before authentication, so GSmith would log in as gsmith. That failed, because the current user name was gsmith, but the Pre Windows 2000 name was GSmith, and GSmith is how the account was set up, and our vendor's application uses case sensitive user names. Not all our Active Directory accounts are set up that way, but some of them are.

Can I tweak LDAP to use the post-Windows 2000 name, or is this part of LDAP that cannot be configured?

octopusgrabbus
  • 175
  • 5
  • 21

1 Answers1

2

There is no standard LDAP sync. The software being used certainly should be able to access any ldap attributed that has been defined, which includes the post-Windows 2000 name. You will need to work with your vendor to have them adjust their software too look at the correct attributes. There is nothing you need to do on the Window server side. It all setup in the tool that syncs to the ldap directory.

Zoredache
  • 130,897
  • 41
  • 276
  • 420
  • This is very helpful. Thanks. I don't quite know what the vendor did, but I believe it involved VanDyke's VShell server. I'm going to check further. – octopusgrabbus Sep 26 '12 at 17:46