So i have a pki realm that passes auth to an ldap realm but the pki realm uses a usernam_pattern attribute to pull the cn from the pki but i want the whole dn returning and passing to the ldap realm.
e.g
PKI;
CN=VVVVVVVV,OU=WWWWWWWW,O=XXXXXXXX,L=YYYYYYYY,C=ZZZZZZZZ
LDAP user full DN;
CN=VVVVVVVV,OU=WWWWWWWW,O=XXXXXXXX,L=YYYYYYYY,C=ZZZZZZZZ
The pki realm uses a username_pattern that supposedly defaults to CN=(.*?)(?:,\|$)
and so just grabs the cn VVVVVVVV
and passes it to ldap, which fails as its looking for the whole DN. I dont want to just search on the CN as there's a chance multiple users have the same CN but different O or OU.
Any help would be great.