The name of the attribute to search for in the LDAP server.

When you authenticate a user in LDAP, it searches the group and its subdirectories for the username you provide in the action. You can specify the group in the Group configuration parameter, or in the Group action parameter in the Security or UserRead action. If IDOL Community Component finds the specified username in this attribute, it attempts to authenticate against it with the credentials provided in the action.

Note: If there is more than one user with the specified username, authentication fails.

If your LDAP server does not allow anonymous binding, you must use BaseDN and BaseDNPassword to specify the credentials of an LDAP user that has permission to perform the search.

If you do not set KeyUsername, you must set RDNAttribute to perform LDAP authentication. In this case, IDOL Community Component does not perform a search, and it can only authenticate users within the Group directory, and not subdirectories.

Type: String
Required: No
Configuration Section: MySecurityRepository
Example: KeyUsername=uid
See Also:





UserRead action Group parameter