Adapting `username` with Typoscript fails
cdaecke opened this issue · comments
Like written in the documentation, I would assume, that I get firstname.lastname
out of firstname.lastname@domain.local
by using the following Typoscript in the LDAP configuration for be_users
(field be_users_mapping
), but I get an empty value:
username {
field = userPrincipalName
split {
token =@
cObjNum = 1
returnKey = 0
1.current = 1
1.wrap = |
}
}
Using the following works:
username {
field = mail
split {
token =@
cObjNum = 1
returnKey = 0
1.current = 1
1.wrap = |
}
}
Is there a reason, why I can't use userPrincipalName
or is this a bug?
The only reason I can think of is that somehow userPrincipalName
is not a returned attribute from LDAP. For instance I remember that in some cases (or some LDAP configurations), the attributes are always lowercase.
When using the search wizard, do you confirm you really get a userPrincipalName
attribute?
You are absolutely right, userprincipalname
(all lowercase) is working:
username {
field = userprincipalname
split {
token =@
cObjNum = 1
returnKey = 0
1.current = 1
1.wrap = |
}
}
One more question:
How do you coop with the limitation of 20 characters in sAMAccountName
? I thought, switching to userprincipalname
would work and give me the full login name. The above example cuts of the "@domain.local" successfully and saves "firstname.lastname" as username in TYPO3 database, but the login is not working, because in LDAP field be_users_filter
it checks against the full userprincipalname
, which obviously can't work:
(&(objectCategory=Person)(userprincipalname={USERNAME})(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
PS: Thanks for the hint to the search wizard, I never had a close look on it.
If you really want to cut off the username, I guess you should switch the filter so that there is a wildcard (or @*
) appended automatically. Did you try?
Adding the string, which I cut of helped. So a combination of this filter (be_users_filter
):
(&(objectCategory=Person)(userprincipalname={USERNAME}@domain.local)(!(UserAccountControl:1.2.840.113556.1.4.803:=2)))
and that mapping configuration (be_users_mapping
)
username {
field = userprincipalname
split {
token =@
cObjNum = 1
returnKey = 0
1.current = 1
1.wrap = |
}
}
works for me.
Thanks for your help and this outstanding extension!