Valid Login Syntax for LDAP

Users must provide user information in the appropriate syntax for the LDAP server.

Active Directory

Valid forms of the login are:

  • domain\user_name
  • cn=user_name, cn=users, dc=sub-domain, dc=domain, dc=com


For a login ID, OpenLDAP uses Distinguished Names, which can be lengthy. To facilitate logging in, a series of rules is applied to expand a simple string into a full Distinguished Name:

  • If the username starts with a period (.), omit the period.
  • If there is no equal sign (=) or comma (,) in the username, form the login in the following manner: “cn=” + username + “,” + UserDomain
  • If there is no “dc=” in the username, add the domain at the end.

Examples of these mappings:







When a name is delimited with a comma and space, use the backslash character before the comma (for example, CN=Smith\, John).
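
The expansion rules and the comma-escaping note above, as an added example in Python that is not part of the original page or of the product's code. It applies the rules in the order listed and shows how an unescaped comma splits one name into two components. The `USER_DOMAIN` and `DOMAIN` values, the function names, and the case-insensitive match on “dc=” are assumptions.

```python
# Added example. USER_DOMAIN and DOMAIN are constructed sample values.
USER_DOMAIN = "cn=users,dc=example,dc=com"   # assumed value of UserDomain
DOMAIN = "dc=example,dc=com"                 # assumed "domain" for the last rule


def escape_name(value):
    """Backslash-escape a raw name so its commas stay inside one component."""
    return value.replace("\\", "\\\\").replace(",", "\\,")


def split_components(dn):
    """Split a DN on commas that are not protected by a backslash."""
    parts, cur, i = [], "", 0
    while i < len(dn):
        if dn[i] == "\\" and i + 1 < len(dn):
            cur += dn[i:i + 2]      # keep the escape and the character it protects
            i += 2
        elif dn[i] == ",":
            parts.append(cur)
            cur = ""
            i += 1
        else:
            cur += dn[i]
            i += 1
    parts.append(cur)
    return parts


def expand_login(username, user_domain=USER_DOMAIN, domain=DOMAIN):
    """Apply the three expansion rules in the order the page lists them."""
    name = username
    if name.startswith("."):                    # rule 1: omit a leading period
        name = name[1:]
    if "=" not in name and "," not in name:     # rule 2: simple string
        name = "cn=" + name + "," + user_domain
    if "dc=" not in name.lower():               # rule 3 (case-insensitive: assumption)
        name = name + "," + domain
    return name


if __name__ == "__main__":
    for login in ["jsmith", ".jsmith", "cn=jsmith,ou=staff",
                  "CN=" + escape_name("Smith, John") + ",ou=staff"]:
        print(login, "->", expand_login(login))
    # Unescaped, the comma inside the name is read as a component separator.
    print(split_components("CN=Smith, John,ou=staff"))
    print(split_components("CN=Smith\\, John,ou=staff"))
```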

