From e1e1d6cd207b17520a84540d154dff3928a6708e Mon Sep 17 00:00:00 2001
From: Valentin Tolmer
Date: Fri, 29 Apr 2022 09:46:08 +0200
Subject: [PATCH] ldap: accept "uid" or "cn" as username
---
 server/src/infra/ldap_handler.rs | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)
diff --git a/server/src/infra/ldap_handler.rs b/server/src/infra/ldap_handler.rs
index 6e1e5f9..406b64c 100644
--- a/server/src/infra/ldap_handler.rs
+++ b/server/src/infra/ldap_handler.rs
@@ -80,7 +80,10 @@ fn get_user_id_from_distinguished_name(
 bail!("Not a subtree of the base tree");
 }
 if parts.len() == base_tree.len() + 2 {
- if parts[1].0 != "ou" || parts[1].1 != "people" || parts[0].0 != "cn" {
+ if parts[1].0 != "ou"
+ || parts[1].1 != "people"
+ || (parts[0].0 != "cn" && parts[0].0 != "uid")
+ {
 bail!(
 r#"Unexpected user DN format. Got "{}", expected: "cn=username,ou=people,{}""#,
 dn,
@@ -803,7 +806,7 @@ mod tests {
 LdapHandler::new(mock, "dc=example,dc=com".to_string(), UserId::new("test"));
 let request = LdapOp::BindRequest(LdapBindRequest {
- dn: "cn=bob,ou=people,dc=example,dc=com".to_string(),
+ dn: "uid=bob,ou=people,dc=example,dc=com".to_string(),
 cred: LdapBindCred::Simple("pass".to_string()),
 });
 assert_eq!(
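Review bot: The `bail!` message directly under the widened condition still reads `expected: "cn=username,ou=people,{}"`, so a client rejected for using another attribute is told only about `cn` although `uid` is now accepted; the text should name both forms, e.g. `expected: "uid=username,ou=people,{}" or "cn=username,ou=people,{}"`. The checks against `"cn"` and `"uid"` are exact string matches while LDAP attribute types are case-insensitive, so this presumably relies on the DN parser lower-casing them; a comment such as `// attribute names are lower-cased by the DN parser` (once confirmed) would make that explicit. Because two DN spellings now resolve to the same user, any code outside this hunk that keys on the raw bind DN rather than the returned user id (audit logging, lockout counters, ACL comparisons) is worth checking. get_user_id_from_distinguished_name starts and ends outside the hunk.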
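Review bot: Changing the bind DN in this test from `cn=bob` to `uid=bob` swaps the covered case instead of adding one, so unless another test outside this hunk still binds with `cn=`, that form is no longer exercised here. I would keep the original request and add a second bind with `uid=bob,ou=people,dc=example,dc=com`, plus a negative case with an attribute that must be rejected (a constructed example: `sn=bob,ou=people,dc=example,dc=com`), since this check decides which identity a bind is verified against. The test function starts and ends outside the hunk.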