Topic: OpenLDAP (Read 1836 times)
gdur (Full Member, Posts: 124, Karma: 2)
OpenLDAP « on: September 09, 2019, 04:47:52 pm »
I have just added an OpenLDAP server to my OPNsense server. My LDAP tree is set up to serve a multi-tenant environment. As usernames occur several times in the various tenants, I'm discriminating these by using the mail attribute rather than the uid attribute. In the settings I defined the "User naming attribute" as mail. So far so good. The Tester option shows that it's looking for the mail attribute, as I get positive results. However, if I stick the uid in the Tester, I get a positive result as well, but it is pointing at a specific tenant. While using OpenVPN the same is happening: I can use both the UID and the MAIL attribute. Did I miss an option to force OPNsense to just look for the MAIL attribute?
gdur (Full Member, Posts: 124, Karma: 2)
Re: OpenLDAP « Reply #1 on: September 11, 2019, 09:04:46 pm »
After having got my settings right for OpenVPN after applying "Strict User/CN Matching", the behavior of letting me log in using both my uid as well as mail attribute changed. Now it's only possible to log in using the uid. As explained in my previous message, this is quite inconvenient, as in my multi-tenant LDAP setup only the mail addresses are unique.
Question: Is there a way to make LDAP import using the mail attribute rather than the default uid attribute? Help will be highly appreciated.
Cheers
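The situation described in this thread, a uid that repeats across tenants while mail stays unique, can be verified against a directory export before choosing the login attribute. The following is an added example, not part of the original posts and not OPNsense code; the LDIF entries, tenant names and base DN are constructed, and the parser assumes simple unfolded, non-base64 LDIF.

```python
from collections import defaultdict

# Constructed sample LDIF (not from the thread): two tenants under the
# hypothetical base dc=example,dc=org, both holding a user with uid "jdoe".
SAMPLE_LDIF = """\
dn: uid=jdoe,ou=people,o=tenant-a,dc=example,dc=org
uid: jdoe
mail: jdoe@tenant-a.example

dn: uid=jdoe,ou=people,o=tenant-b,dc=example,dc=org
uid: jdoe
mail: jdoe@tenant-b.example

dn: uid=asmith,ou=people,o=tenant-a,dc=example,dc=org
uid: asmith
mail: asmith@tenant-a.example
"""

def parse_ldif(text):
    """Parse simple LDIF into a list of {attribute: [values]} entries."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = defaultdict(list)
        for line in block.splitlines():
            if not line or line.startswith("#"):
                continue
            attr, _, value = line.partition(": ")
            entry[attr.lower()].append(value)
        if "dn" in entry:
            entries.append(entry)
    return entries

def ambiguous_values(entries, attr):
    """Map each value of attr held by more than one entry to those DNs."""
    owners = defaultdict(set)
    for entry in entries:
        for value in entry.get(attr, []):
            owners[value.lower()].add(entry["dn"][0])
    return {v: sorted(dns) for v, dns in owners.items() if len(dns) > 1}

if __name__ == "__main__":
    entries = parse_ldif(SAMPLE_LDIF)
    for attr in ("uid", "mail"):
        clashes = ambiguous_values(entries, attr)
        print(f"{attr}: {'unique' if not clashes else 'AMBIGUOUS'}")
        for value, dns in clashes.items():
            print(f"  {value} -> {dns}")
```

Any attribute reported as ambiguous resolves to more than one DN in a subtree search from the shared base, so a login that matches on it cannot identify a single tenant's account.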