Hello!

We have migrated an Enterprise installation from 4.62B to CMS5 R2 SP2. It is working fine and we are using ActiveDirectoryProvider, no problem at all getting groups listed and users logged in. But the main issue is that 4.62 (via a LDAP connection from the beginning) is showing group names and saving access rights like
         “GroupName-OrganizationalUnit-company-local”
and CMS5 can only show either “GroupName” (through attributeMapRolename=”cn”) or “CN=GroupName,OU=OrganizationalUnit,DC=company,DC=local” (through attributeMapRolename=”distinguishedName”).

This is a big problem because 4.62B has saved access rights to the groups in a format name that we cannot reproduce in CMS5. That means to reassign all the access rights in 16 sites which is not the best approach at all.

In the technical note there is no more information about attributeMapRolename than “cn” or “distinguishedName”. We are wondering if there are other valid values for this attribute? I have tried with other common values like “userPrincipalName” or “displayName” but I get a “Value cannot be null” exception.

Another alternative is to try to change the group name directly in 4.62B but it does not seem to be much functionality there to do so? Other approaches?

All your answers are really appreciated, thanks in advance!