Hi Jonathan, if you look at item 8 on the Using OpenLDAP document, you'll see that mojoPortal will attempt to use LDAP attributes "givenName" for first name, and "sn" for last name. I think that this is only being used for OpenLDAP.

If you have the mojoPortal source code, the conversion between LDAP attributes and mojoPortal fields happens in mojoPortal.Business LdapUser.cs. It looks like it's using an LDAP attribute of "mail" to pull the email address if you're using OpenLDAP, or setting it to userName + Domain (from LDAP settings) on ActiveDirectory.

I still think ultimately that it would be helpful to have more of a generic method to map the LDAP attributes to mojoPortal user fields, but I'm not sure if it will be doable.

I do agree that user name should probably be editable within mojoPortal even when using LDAP. That will be a feature request.

Jamie

Thank you for your reply.  I learn more and more every time I dive into the code.  For the active directory, would it be possible to use System.DirectoryServices instead of Novell.Directory.Ldap to pull information about the user?  I am not sure how MojoPortal is authenticating the user, so I when I did my test on System.DirectoryServices I entered my credentials manually in the code below.  It pulls up information about other users (the public information about them.  My login is not a domain admin).  Also in my test, I put everything to a label to see it.  If MojoPortal can gain access to the same entry type, it can not only pull information about the user (name, email), but also pull the groups they are in and if the setting is turned on (one way, two way, etc), synch the groups to the matching internal groups.  (Feature Request I am willing to help with once I understand more about the login procedure). 

Warning: Sloppy code ahead:

using System.DirectoryServices;

public void ad(string user)
        {
            DirectoryEntry Entry = new DirectoryEntry("LDAP://domain.com", "myusername", "password");
            DirectorySearcher Searcher = new DirectorySearcher(Entry);
            System.DirectoryServices.SearchResult result = default(System.DirectoryServices.SearchResult);
            try
            {
                Searcher.Filter = ("(anr=" + user + ")");
                result = Searcher.FindOne();

                // Get the properties for 'mySearchResult'.
                ResultPropertyCollection myResultPropColl = default(ResultPropertyCollection);
                myResultPropColl = result.Properties;
                string myKey = null;
                bool usekey = false;
                foreach (string myKey_loopVariable in myResultPropColl.PropertyNames)
                {
                    myKey = myKey_loopVariable;
                    usekey = true;
                    switch (Strings.LCase(myKey))
                    {
                        case "cn":
                            break;
                        case "mail":
                            break;
                        case "samaccountname":
                            break;
                        case "givenname":
                            break;
                        case "sn":
                            break;
                        default:
                            usekey = false;
                            break;
                    }
                    if (usekey)
                    {
                        object myCollection = null;
                        if (myResultPropColl(myKey).Count > 0)
                        {
                            o.Text += "<br>" + myKey + ": " + myResultPropColl(myKey).Item(0);
                        }
                        else
                        {
                              //handle default here
                        }
                    }
                }
            }
            catch (Exception ex)
            {
                string debug = ex.Message;
            }
        }

Bottom line, do you think its possible to include some of this code in the way mojoPortal authenticates users with ldap settings?

I am glad I was able to contribute something to this project.  From what I can tell from this page (http://msdn.microsoft.com/en-us/library/system.directoryservices.searchresult.properties.aspx), there are a list of "keys" and then each key has its own collection of options.  So even though the name for example would only have one entry, it still has it under a collection.  I have been looking at trying to get this information from AD off and on for about 6 years.  One thing I really like about mojoPortal is I can use a forum login and still use active directory authentication.  I like I don't have to use IIS login, because when you use windows auto login you can't specify the default domain in IIS.  Most of my users (using computers not directly on the ad network) have to put in their login anyway.

This is the code (non sloppy) is the Microsoft code that runs though all of the properties. (Copied from that link)

// Get the properties for 'mySearchResult'.
ResultPropertyCollection myResultPropColl;
myResultPropColl = mySearchResult.Properties;
Console.WriteLine("The properties of the " +
                  "'mySearchResult' are :");
foreach( string myKey in myResultPropColl.PropertyNames)
{
   string tab = "    ";
   Console.WriteLine(myKey + " = ");
   foreach( Object myCollection in myResultPropColl[myKey])
   {
      Console.WriteLine(tab + myCollection);
   }
}