Allow changing userID in Alfresco when it's changed in AD and synced with LDAP: mapping of authenticated username to repository username


Current behavior:
At the moment, if a user changes name there is no way of changing the userID in Alfresco, or when it's synced via LDAP it's not possible to map a changed userID into Alfresco. The new userID will cause Alfresco to create a new user instead.
How to reproduce and use case?
1) Install an LDAP-AD system with LDAP sync.


2) Try to log in with NTLM SSO with a user:
NTLM passthru (sso.enabled=true)


With the default parameters, this will create a user in Alfresco with username "username1"

(same thing with Kerberos, with the option to have username1@domain1 as username see )

3) Now the user gets married and, as "username1" was a user name based on her maiden name, admins in AD change her sAMAccountName from "username1" to "marriedusername1".

Expected behavior:
Customers want to be able to change the userID in AD and, using LDAP sync, have the userID in Alfresco updated.
Add an attribute that never changes, like employeeID



is changed into:


Here the employeeID attribute is an invariant, so when syncing via LDAP this can be used as the identifier.

Business case:
This is a long-standing enhancement request to have the possibility to change the username in Alfresco, which is something that happens often. In this case, when a user's name was changed in AD when they got married or for other reasons, the user loses her rights on all folders and ownership of documents she created, as a new user is created in Alfresco!
This has been requested by many customers.
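
The difference between the current and the requested sync behaviour, as an added Python model that is not Alfresco code and is not part of the original request. The `RepoUser` record, both function names and the sample entries are assumptions made for illustration; ownership is modelled as a list attached to the user record.

```python
from dataclasses import dataclass, field

@dataclass
class RepoUser:
    user_id: str        # repository username, taken from sAMAccountName
    employee_id: str    # invariant directory attribute (assumed: employeeID)
    owned: list = field(default_factory=list)  # stands in for ownership and ACLs

def sync_by_username(repo, entries):
    """Current behaviour: the username is the key, so a rename creates a new user."""
    for e in entries:
        name = e["sAMAccountName"]
        if name not in repo:
            repo[name] = RepoUser(name, e.get("employeeID", ""))
    return repo

def sync_by_invariant(repo, entries):
    """Requested behaviour: match on employeeID and rename the existing user."""
    by_emp = {u.employee_id: u for u in repo.values() if u.employee_id}
    seen, skipped = set(), []
    for e in entries:
        emp, name = e.get("employeeID"), e["sAMAccountName"]
        # Refuse to guess: a missing or repeated invariant must never merge accounts.
        if not emp or emp in seen:
            skipped.append(name)
            continue
        seen.add(emp)
        user = by_emp.get(emp)
        if user is not None and user.user_id == name:
            continue                      # nothing changed for this identity
        if name in repo:                  # name already held by another identity
            skipped.append(name)
            continue
        if user is None:
            repo[name] = RepoUser(name, emp)
        else:
            del repo[user.user_id]
            user.user_id = name           # same record, so ownership is kept
            repo[name] = user
    return repo, skipped

def demo():
    # Constructed sample data: one user renamed in AD, one entry without employeeID.
    fresh = lambda: {"username1": RepoUser("username1", "E1001", ["contract.docx"])}
    entries = [{"sAMAccountName": "marriedusername1", "employeeID": "E1001"},
               {"sAMAccountName": "svc_scan"}]
    old = sync_by_username(fresh(), entries)
    new, skipped = sync_by_invariant(fresh(), entries)
    return old, new, skipped
```

Entries returned in `skipped` are the ones an administrator should review, since they could not be tied to exactly one identity.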



