Auto Create User Question,,,,

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Auto Create User Question,,,,

dvalliere
Hello,

 I have a question around Auto Create User that Artifactory has implemented. We are using Version 4.4.2 of Artifactory.
Artifactory has been configured for LDAP.  Here is the configuration details for the Artifactory LDAP Settings :

Setting               GP recommended change Explanation
Settings Name      : IBMBluePages_GPTest
LDAP URL            : ldaps://bluepages.ibm.com:636
Auto Create
Artifactory Users     : enabled
User DN Pattern    : (none)
Email Attribute    :  preferredIdentity                       Avoids creating multiple ids for people who have multiple email addresses in BluePages. See note 1.
Search Filter    :  mail={0}
Search Base     :  ou=bluepages,o=ibm.com           Limits scope of search, to just people (and functional ids). Doesn't waste time searching groups or anything else in IBM LDAP.
Manager DN     :  (none)
Manager Password : (none)
Sub-tree Search      : enabled                                    Not needed when search is scoped as above.

The test we ran was done with the Auto Create User enabled.  This means when we logged into Artifactory an internal
userid was created.  The userid  ejones@foo.com was authenticated after being looked up with LDAP.  This worked fine,

 Our company allows employees to have more than one email address.   The second test we ran tried to use the second
email address and we expected to be able to authenticate with it but Artifactory created a second internal userid.  At that point it
was mentioned we may need to try contacting you to see if we could get an answer to our question.

Our LDAP implementation allows for more than one email so a snippet sample response may look like  :
                .
                .
                .
emailAddress: e_jones@foo.com
emailAddress: edJones@foo.com
emailAddress: ejones@foo.com
mail :  e_jones@foo.com
mail :  edJones@foo.com
mail :  ejones@foo.com
preferredIdentity:  ejones@foo.com
                .
                .
                .

What I want to be able to is have the user be be created in such a way that he is able to use all 3 email addresses to Login to Artifactory and have the internal account created using the preferredIdentity?
This would allow the end users to login with any of three emails and authenticate with the preferredIdentity field that gets stored as the internal user. Is there a way that this can be configured in Autofactory's ?

Thanks,
-Dave