URL:
https://github.com/SSSD/sssd/pull/644
Title: #644: When multiple UIDs exist, use the username provided by the user as the first
lookup
joeFischetti commented:
"""
Correct. UID in ldap is allowed to be multi valued.
I'm still curious under what circumstances a user would log in using one name, and be
acting on a system with another. In every system I can think of, the name entered at the
prompt is the username used on the system. Email, banking, windows, macos, it doesn't
matter. If I enter "joefischetti" at the prompt I'm "joefischetti"
on the system. The exception obviously being case, and in windows, diacritical marks (ō
matches ø matches ö matches o)
I understand the issue of doing a lookup when no username was provided (@sumit-bose
outlined that already), but how is the current implementation better than that?
"""
See the full comment at
https://github.com/SSSD/sssd/pull/644#issuecomment-430638924