xperseguers
commented
4 years ago Hello. This is not possible out-of-the-box but you may suggest a PR.
Closed chrosey closed 4 years ago
xperseguers
commented
4 years ago Hello. This is not possible out-of-the-box but you may suggest a PR.
Hi there,
I'm trying to use this extensions in a large AD-Forest. LDAP-Configurations are no Problem, but SSO regularly authenticates users as the wrong one.
Here is an Example: Peter is visiting the page as RemoteUser maier@xyz.example.com, but will be authenticated as Kathrin maier@abc.example.com. Thats because the LDAP-Configuration for abc.example.com is priorized before xyz.example.com. When switching the priority of these two, Kathrin and Peter would be authorized as Peter.
Is there any possibility to include the DN into the SSO-Alghorithm? Or has anybody an alternative to solve this Scenario?
Thanks in Advance :)