release the exact ldap attribute value

Peter Schober peter.schober at
Wed Nov 20 11:42:53 EST 2019

* Souleye Ndiaye <ndiaye.souleye at> [2019-11-20 14:21]:
> how can i tell the idP to return the exact LDAP value (e.g. uid) instead
> the user entry during authentication? I want to achieve that a  uid „case
> matching“ between SP and LDAP is guaranteed.

What Ian said: By looking up its value and releasing what's stored in
LDAP, i.e., by avoiding the "PrincipalName"-type attribute defintion
and using LDAP for normalization of the values (assuming you have
conistent values stored in LDAP, of course).


More information about the users mailing list