LDAP Authorisation with Kerberos Troubleshooting

When LDAP authorisation is used with Kerberos, the user name queried in LDAP directory for authorisation has to match Kerberos username. But Kerberos authenticated username is usually like Dekhopc@MYDOMAIN.COM.AU (i.e., format of an email address). In LDAP directory the username of this same user could be just ‘Dekhopc’. So Dekho uses a regx pattern to extract the ‘Dekhopc’ component form the Kerberos authenticated username in order to query in the LDAP directory. If the Kerberos authenticated username is of a different format, it might be necessary to alter the regx pattern to extract the username to query in LDAP.

LDAP Authorisation Troubleshooting