For smartcard login, my certificate contain UPN which is lowercase formatted (i.e. user123). However, in DC its capitalized (i.e. User123).
The login fails with the following log (taken from log show) :
From the logs it seems that an attempt has been made to lookup this name by opendirectoryd but it has failed since the match policy is case sensitive (or as the logs says, CaseExact.)
Here's the relevant message :
Does the lookup make deliberately in case sensitive. I presume that it simply take the name from the certificate inside the smartCard, but is there an option to match with lowercase ?
thanks
The login fails with the following log (taken from log show) :
Code Block SmartCard - User is not paired with any smartcard .
From the logs it seems that an attempt has been made to lookup this name by opendirectoryd but it has failed since the match policy is case sensitive (or as the logs says, CaseExact.)
Here's the relevant message :
Code Block 2020-12-24 12:40:44.901571+0200 0x1f237 Info 0x14742 85 0 opendirectoryd: [com.apple.opendirectoryd:session] ODQueryCreateWithNode request, NodeID: E4648A1C-B2E1-4329-B702-5CADC51B9235, RecordType(s): dsRecTypeStandard:Users, Attribute:dsAttrTypeNative:dn, MatchType: EqualTo, Equality: CaseExact, Value(s): <private>, RequestedAttributes: dsAttrTypeStandard:AuthenticationHint,dsAttrTypeNative:_guest,dsAttrTypeStandard:AuthenticationAuthority,dsAttrTypeStandard:AppleMetaNodeLocation,dsAttrTypeStandard:Rec ordType,dsAttrTypeStandard:GeneratedUID,dsAttrTypeStandard:PrimaryGroupID,dsAttrTypeStandard:RecordName,dsAttrTypeNative:original_authentication_authority, dsAttrTypeStandard:HomeDirectory,dsAttrTypeStandard:UniqueID,dsAttrTypeStandard:RealName,dsAttrTypeStandard:AppleMetaRecordName, dsAttrTypeNative:home_info,dsAttrTypeStandard:NFSHomeDirectory, Max Results: 1
Does the lookup make deliberately in case sensitive. I presume that it simply take the name from the certificate inside the smartCard, but is there an option to match with lowercase ?
thanks