Since we have been using NDS for 15 years, we don't have the big flat pile of accounts that Active Directory has bestowed upon most. We use NGWObjectID as our unique naming attribute. Is there a way to have DS use this as our naming attribute?

The issue we are experiencing is that when users are added they inevitable do not have unique CN's. So we modify the Application User Name in the connector, but the user is unable to login using that ID.

For example, we have cn=Jane,ou=Physics,o=Faculty and cn=Jane,ou=Music,o=Faculty and when Jane from Physics logs in, we see it trying to authenticate against the first Jane found. Now both Janes do have unique NGWObjectID, e.g. JaneSmith vs JaneQPublic.


-- Bob