THE INFORMATION IN THIS ARTICLE APPLIES TO:
- EFT Server (All Versions)
Does the EFT Server support “constructed” attributes (e.g. msds-PrincipalName) for the username attribute?
No, “constructed” attributes are not supported for the username attribute.
Using “constructed” attributes as a username for LDAP Authentication will cause users to fail to log in. LDAP authentication relies on search filters to find the username during the login process, and constructed attributes in the search filter are not supported by Active Directory nor the RFC2251.
Active Directory does not support constructed attributes (defined in section 220.127.116.11.5) in search filters. When a search operation is performed with such a search filter, Active Directory fails with inappropriateMatching ([RFC2251] section 4.1.10).
constructed attribute: An attribute whose values are computed from normal attributes (for read) and/or have effects on the values of normal attributes (for write).