You can use the following identity map for any simple username specified in a valid logon, for example, jsmith. You must include domain information sufficient to construct the DN as part of the Pattern attribute, for example:
<Mechanism Name="ldap"> <MechanismProperties ... /> <IdentityMap Match="(.*)" Pattern="cn=${1},ou=people,dc=div,dc=corp,dc=com"/> DatabaseName="svc1_${0}"/> </Mechanism>
For sites using multiple directory services, where users normally log on using only simple uids, you can use the DatabaseName attribute to affix a string that represents the service to the authcid, to differentiate among possible duplicate usernames that may appear in the various services. Using the value shown in the IdentityMap example:
DatabaseName="svc1_${0}"
Subsequent logons using the simple user name jsmith, identify the user as "svc1_jsmith" in the database, where ${0} causes the database to use the entire authcid (jsmith).