NeosIT / active-directory-integration2

WordPress plug-in "Next Active Directory Integration"
https://wordpress.org/plugins/next-active-directory-integration/
GNU General Public License v3.0

Compatibility for system with samaccountname different from UPN #190

Open blademckain opened 1 year ago

blademckain commented 1 year ago

Hi all, we have an old version of NADI (2.1.2) installed in an old WordPress (4.9).

We recently added users who have a sAMAccountName different from the UPN in AD:
sAMAccountName: name.veryveryvery
UPN: name.veryveryverylonglastname

These users are not recognized by NADI, the error is

[WARNING] NextADInt_Ldap_Connection::findAttributesOfUser [line 378] Attributes for 'xxxxxxxx': could not be loaded. Does the sAMAccountName or userPrincipalName exist? Is the provided base DN valid?

Our settings are: User -> Account suffix: ourdomain.local

[x] If checked, the sAMAccountName will be set as username for newly created users. -> checked
[x] Automatic user creation -> checked
[x] Automatic user synchronization -> checked
[x] Automatically update user description -> checked

Is there any way, even by installing a new version of NADI, to make the system work with sAMAccountNames different from UPNs?

schakko commented 1 year ago

Hi @blademckain,

  1. How is your sAMAccountName related to the UPN? Did you mean "name.veryverylonglastname" as a sAMAccountName?
  2. How do your users log in? Via sAMAccountName?

With newer versions, NADI uses the order objectGuid, userPrincipalName and sAMAccountName to look up the users in your AD. We did a big improvement with 3.1.0, released yesterday (see #188).

blademckain commented 1 year ago

Hi schakko,

  1. The sAMAccountName in AD is the pre-2000 login (fixed to 20 characters). I currently have a user like this: UPN: name.veryveryverylonglastname, sAMAccountName: name.veryveryvery <--- it is cut to 20 characters, and this user is not recognized by WordPress/NADI.
  2. My users log in via SSO (SSO with Kerberos on IIS). SSO always passes the sAMAccountName in the "$_SERVER['REMOTE-USER']" variable, and actually (in my version of NADI) this doesn't match and I get an error (and the user is not recognized).
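The lookup order schakko describes for newer versions (objectGUID, then userPrincipalName, then sAMAccountName) and the SSO case in the report (REMOTE_USER carrying a truncated sAMAccountName while the UPN is longer), modelled in Python. This is an added example, not code from NADI or from anyone in this thread: the directory entries and GUIDs are constructed, `legacy_lookup` is an assumed simplification that reproduces the reported symptom (suffix appended to the login name, UPN searched only) and is not a description of NADI 2.1.2's code, and a real deployment would hand the generated filter to an LDAP client instead of the in-memory `find_by` used here.

```python
"""Constructed example: resolve a login identifier against an AD-like directory in the
order objectGUID -> userPrincipalName -> sAMAccountName, with RFC 4515 filter escaping.
All directory data below is made up for this example."""
from dataclasses import dataclass
from typing import List, Optional, Tuple

ACCOUNT_SUFFIX = "ourdomain.local"  # the "Account suffix" setting quoted in the report


@dataclass(frozen=True)
class AdUser:
    dn: str
    object_guid: str
    upn: str
    sam_account_name: str


# Constructed directory: the reporter's user whose sAMAccountName was cut short,
# plus one user whose two names agree. GUIDs are invented.
DIRECTORY: List[AdUser] = [
    AdUser("CN=Name Verylong,OU=Users,DC=ourdomain,DC=local",
           "11111111-2222-3333-4444-555555555555",
           "name.veryveryverylonglastname@ourdomain.local",
           "name.veryveryvery"),
    AdUser("CN=Jane Doe,OU=Users,DC=ourdomain,DC=local",
           "66666666-7777-8888-9999-000000000000",
           "jane.doe@ourdomain.local",
           "jane.doe"),
]

# Maps the LDAP attribute name to the AdUser field it is stored in.
ATTRIBUTE_FIELDS = {
    "objectGUID": "object_guid",
    "userPrincipalName": "upn",
    "sAMAccountName": "sam_account_name",
}


def escape_filter_value(value: str) -> str:
    """RFC 4515 escaping: a login name taken from the web server's REMOTE_USER
    must not be able to change the structure of the search filter."""
    return "".join("\\%02x" % ord(ch) if ch in "*()\\\x00" else ch for ch in value)


def build_filter(attribute: str, value: str) -> str:
    """The filter a real LDAP client would be given for this lookup step."""
    return f"(&(objectClass=user)({attribute}={escape_filter_value(value)}))"


def find_by(directory: List[AdUser], attribute: str, value: str) -> Optional[AdUser]:
    """Stand-in for the LDAP search; AD string attributes compare case-insensitively."""
    field = ATTRIBUTE_FIELDS[attribute]
    for user in directory:
        if getattr(user, field).lower() == value.lower():
            return user
    return None


def legacy_lookup(directory: List[AdUser], remote_user: str) -> Optional[AdUser]:
    """Assumed legacy behaviour (not NADI 2.1.2's actual code): treat REMOTE_USER plus the
    account suffix as the UPN and search on userPrincipalName only. Fails whenever the
    sAMAccountName and the UPN prefix differ, which is the symptom in the report."""
    return find_by(directory, "userPrincipalName", f"{remote_user}@{ACCOUNT_SUFFIX}")


def ordered_lookup(directory: List[AdUser], remote_user: str,
                   known_guid: Optional[str] = None
                   ) -> Tuple[Optional[AdUser], Optional[str], Optional[str]]:
    """Try objectGUID (if a GUID was stored by an earlier sync; assumed input), then
    userPrincipalName, then sAMAccountName. Returns (user, matched attribute, filter)."""
    candidates: List[Tuple[str, str]] = []
    if known_guid:
        candidates.append(("objectGUID", known_guid))
    if "@" in remote_user:                      # already a UPN-shaped login
        upn, sam = remote_user, remote_user.split("@", 1)[0]
    else:                                       # bare sAMAccountName, as Kerberos SSO passes it here
        upn, sam = f"{remote_user}@{ACCOUNT_SUFFIX}", remote_user
    candidates.append(("userPrincipalName", upn))
    candidates.append(("sAMAccountName", sam))
    for attribute, value in candidates:
        ldap_filter = build_filter(attribute, value)
        user = find_by(directory, attribute, value)
        if user is not None:
            return user, attribute, ldap_filter
    return None, None, None


if __name__ == "__main__":
    print("legacy :", legacy_lookup(DIRECTORY, "name.veryveryvery"))
    print("ordered:", ordered_lookup(DIRECTORY, "name.veryveryvery"))
```

With the reporter's values, `legacy_lookup` returns nothing because `name.veryveryvery@ourdomain.local` is not anyone's UPN, while `ordered_lookup` falls through to the sAMAccountName step and finds the user. Two defensive details are worth keeping whatever the plugin version: the login name is escaped before it enters the filter, since it originates from a request header the web server sets, and once a WordPress account is linked to an objectGUID the later steps no longer matter, so renames or truncation of either name do not break the mapping.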