FAQ  Search  Memberlist  Usergroups  Register  Profile  Private messages  Log in

ADAM - duplicate userPrincipalName

Forum Index -> microsoft.public.windows.server.active_directory

Author	Message
Saumin Guest	Posted: Mon May 15, 2006 10:08 pm    Post subject: ADAM - duplicate userPrincipalName Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Joe Kaplan (MVP - ADSI) Guest	Posted: Mon May 15, 2006 11:31 pm    Post subject: Re: ADAM - duplicate userPrincipalName You need to flatten out your data design. Perhaps you could include the company name in the UPN (user@company for example) to make the user name unique, and then use the logic you were originally using to log the users in to get the company name and use that to build the login username dynamically. It really depends quite a bit on how you were handling this abiguity beforehand. Joe K. "Saumin" <Saumin@discussions.microsoft.com> wrote in message news:22D9C210-85F7-4137-803B-021EA0BC9F60@microsoft.com... Quote: Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Joe Richards [MVP] Guest	Posted: Tue May 16, 2006 5:59 am    Post subject: Re: ADAM - duplicate userPrincipalName username@clientcompany? username.company? company.username? There must be some way you are making them unique in your DB, follow a similar path. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Saumin wrote: Quote: Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Saumin Guest	Posted: Tue May 16, 2006 5:17 pm    Post subject: Re: ADAM - duplicate userPrincipalName Hello Joe, Thanks for your response. My current scenario is that our clients are assigned unique URLs like clientcompany.mywebapp.com. they go to a login page where they enter username/password. hence, there is a unique combination of url, username, password. FYI, it is a single code base, it s just that they are assigned unique urls (which internally point to same location). So, going by your suggestion, we would have to change each and every username in the system, right? or did i not understand it correctly? Thanks! Saumin "Joe Kaplan (MVP - ADSI)" wrote: Quote: You need to flatten out your data design. Perhaps you could include the company name in the UPN (user@company for example) to make the user name unique, and then use the logic you were originally using to log the users in to get the company name and use that to build the login username dynamically. It really depends quite a bit on how you were handling this abiguity beforehand. Joe K. "Saumin" <Saumin@discussions.microsoft.com> wrote in message news:22D9C210-85F7-4137-803B-021EA0BC9F60@microsoft.com... Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Saumin Guest	Posted: Tue May 16, 2006 5:21 pm    Post subject: Re: ADAM - duplicate userPrincipalName Joe, I forgot to let you knw that I am trying to get ADMembershipProvider working with ADAM. Initially, i had created a container per clientcompany. But as soon as i try to have duplicate UPN, it gave me an error. So, as i understood, UPN itself needs to have clientcompany in it and that would mena that i will have to change each and every username in the system. This is huge considering the business aspect of it. I am hoping there is some other solution. I will really appreciate your thoughts. Saumin "Joe Kaplan (MVP - ADSI)" wrote: Quote: You need to flatten out your data design. Perhaps you could include the company name in the UPN (user@company for example) to make the user name unique, and then use the logic you were originally using to log the users in to get the company name and use that to build the login username dynamically. It really depends quite a bit on how you were handling this abiguity beforehand. Joe K. "Saumin" <Saumin@discussions.microsoft.com> wrote in message news:22D9C210-85F7-4137-803B-021EA0BC9F60@microsoft.com... Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Saumin Guest	Posted: Tue May 16, 2006 5:21 pm    Post subject: Re: ADAM - duplicate userPrincipalName Hello Joe, Thanks for your response. My current scenario is that our clients are assigned unique URLs like clientcompany.mywebapp.com. they go to a login page where they enter username/password. hence, there is a unique combination of url, username, password. FYI, it is a single code base, it s just that they are assigned unique urls (which internally point to same location). So, going by your suggestion, we would have to change each and every username in the system, right? or did i not understand it correctly? I am trying to get ADMembershipProvider working with ADAM. Initially, i had created a container per clientcompany. But as soon as i try to have duplicate UPN, it gave me an error. So, as i understood, UPN itself needs to have clientcompany in it and that would mena that i will have to change each and every username in the system. This is huge considering the business aspect of it. I am hoping there is some other solution. I will really appreciate your thoughts. Thanks! Saumin "Joe Richards [MVP]" wrote: Quote: username@clientcompany? username.company? company.username? There must be some way you are making them unique in your DB, follow a similar path. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Saumin wrote: Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Joe Kaplan (MVP - ADSI) Guest	Posted: Tue May 16, 2006 7:53 pm    Post subject: Re: ADAM - duplicate userPrincipalName This is essentially correct, yes. The only other thing I could see would be to create separate partitions for each company, but I'm not sure if that makes any sense. Joe K. "Saumin" <Saumin@discussions.microsoft.com> wrote in message news:22F733D2-6937-45EC-A32D-EB19D7231E00@microsoft.com... Quote: Hello Joe, Thanks for your response. My current scenario is that our clients are assigned unique URLs like clientcompany.mywebapp.com. they go to a login page where they enter username/password. hence, there is a unique combination of url, username, password. FYI, it is a single code base, it s just that they are assigned unique urls (which internally point to same location). So, going by your suggestion, we would have to change each and every username in the system, right? or did i not understand it correctly? I am trying to get ADMembershipProvider working with ADAM. Initially, i had created a container per clientcompany. But as soon as i try to have duplicate UPN, it gave me an error. So, as i understood, UPN itself needs to have clientcompany in it and that would mena that i will have to change each and every username in the system. This is huge considering the business aspect of it. I am hoping there is some other solution. I will really appreciate your thoughts. Thanks! Saumin "Joe Richards [MVP]" wrote: username@clientcompany? username.company? company.username? There must be some way you are making them unique in your DB, follow a similar path. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Saumin wrote: Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Joe Richards [MVP] Guest	Posted: Tue May 16, 2006 9:55 pm    Post subject: Re: ADAM - duplicate userPrincipalName What I am recommending is that you have custom UPNs by company. You control what gets sent to ADAM for the auth, so if they are running on webpage for Bobcompany and they are user Steve, send an auth request for steve@bobcompany for the UPN, that shouldn't require changing any of your structure at all. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Saumin wrote: Quote: Hello Joe, Thanks for your response. My current scenario is that our clients are assigned unique URLs like clientcompany.mywebapp.com. they go to a login page where they enter username/password. hence, there is a unique combination of url, username, password. FYI, it is a single code base, it s just that they are assigned unique urls (which internally point to same location). So, going by your suggestion, we would have to change each and every username in the system, right? or did i not understand it correctly? I am trying to get ADMembershipProvider working with ADAM. Initially, i had created a container per clientcompany. But as soon as i try to have duplicate UPN, it gave me an error. So, as i understood, UPN itself needs to have clientcompany in it and that would mena that i will have to change each and every username in the system. This is huge considering the business aspect of it. I am hoping there is some other solution. I will really appreciate your thoughts. Thanks! Saumin "Joe Richards [MVP]" wrote: username@clientcompany? username.company? company.username? There must be some way you are making them unique in your DB, follow a similar path. -- Joe Richards Microsoft MVP Windows Server Directory Services Author of O'Reilly Active Directory Third Edition www.joeware.net ---O'Reilly Active Directory Third Edition now available--- http://www.joeware.net/win/ad3e.htm Saumin wrote: Hi, I have a question regarding ADAM. We are trying to port our web application authentication from database to ADAM. Our web app has many users with same username, but since they are distinct per clientcompany, it is fine. Now, this is a problem with ADAM, as UserPrincipalName has to be unique throughout an instance. Is there any way to work around this? How do i design for ADAM in this situation? Any thoughts/ideas would be greatly appreciated. Thanks! Saumin
Back to top
Display posts from previous: All Posts1 Day7 Days2 Weeks1 Month3 Months6 Months1 Year Oldest FirstNewest First

	Forum Index -> microsoft.public.windows.server.active_directory	All times are GMT
Page 1 of 1