LDAP usernames and properties

Hi all,

I have configured the LDAP authenticator, which works really well.

Except - the user properties are not synced (first_name, last_name, email), and the user name in XWiki is a clean version of the “uid” field of LDAP (which contains my email address), and not the “cn” field (which contains my name).

Any ideas what I could do differently? My configuration is here: https://is.gd/EfYvwc

Cheers!
Axel.

Well that’s not what you said in the configuration:

xwiki.authentication.ldap.fields_mapping=last_name=sn,first_name=givenName,email=mail

I guess sn and givenName are not the right LDAP fields ?

so, finally I get around to answer. Yes, those are the right fields, I checked with ldapsearch.

Our LDAP uid is numerical, usually. So I modified the UID_attr field to be pkUsername, which is a custom LDAP field we use for a unique but textual username, consisting of a-z and “.”. The “cn” field contained spaces (a readable user name, which was probably the wrong choice.

Then I logged in again with my credentials, and my display name did not get updated. I don’t really get how this should behave, whether I get a new user or a changed display name. but both didn’t happen.

I also see a lot of “encoding” exceptions in the logs.

any ideas?