This configuration can be done directly in EEM by logging as EiamAdmin and navigating to below location:
Configure tab >> User Store >> LDAP Attribute Mapping
Then, create a new custom attribute mapping based on Microsoft Active Directory. Change only “User Authentication Filter”:
- from: “(&(objectClass=user)(!(objectClass=computer))(sAMAccountName=”
- to: “(&(objectClass=user)(!(objectClass=computer))(userPrincipalName=”
Click on "Save As" button to save this new configuration with another name (in this example it is saved as "Custom AD").
Customer should be changing the filter according to what is in their AD attributes.
They could use any LDAP browser tool such as JXplorer to verify which AD attribute has the user's email address.
In this example we used "userPrincipalName".
Then, create a new mapping to the Microsoft AD and select to use the Custom mapping created (as the example "Custom AD"). For this, navigate to below location:
Configure tab >> User Store >> User Store