[389-users] using uid rather then cn in the binddn

[Dumbo Q]

Is there any reason to use cn vs. uid for a user login.  I would like people to be able to use uid=... as their binddn, and Leave cn as the users full name.  I'm just not sure how this works, or why for that matter.

1. The ldap browser tool that i am using displays a tree view of my ldap entries.  In the tree, it displays the cn for each user (which in my opinion should be the full name).

2. When a linux user logs in, ldap binds as the user logging in with 'cn=userid,ou=...'.  Im not sure how it knows to use cn rather then uid, and i don't see anywhere to specify that.  So, my usernames are all stored in as cn.

3. Thunderbird's addressbook displays the cn as the persons full name.  In my case, that means that you see everyones username instead of there real name.  It does not respect the displayname attribute like outlook does.  There is a workaround in 'user.js' but that would be a real pain to set that up on everyones computer.



I believe my solution would be to have each users dn use uid rather then cn.  Is this the correct approach?  Is this possible?


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20090622/f6755a1a/attachment.html>