AD integration and email attributes

Hi Folks,
Usually when I integrate a web service like Graylog with AD, there are a lot of attribute mapping which I can declare to control things like email address fields etc.

This is great because I can’t control those attributes in AD as I’m not in that department.

With Graylog, I don’t see how I can choose where to pull an email attribute from and that means it’s broken for various users in AD who don’t use the main email attribute but rather ‘mail’.

Is there some hidden area I can tune these aspects of our AD integration for identity?

What version of GL are you using?

We’re running v4.0.9+b962df8 - freshly installed yesterday.

I think after version 4.0 Graylog now has Teams/Groups but this is the Enterprise version if its enabled.
If you keep logs under 5GB day I believe its free.
Introduction to Teams Management | Graylog.

Maybe you could adjust your attributes here.

In Graylog you can’t define attribute mapping for email. It’s hardcoded in code, and first check attribute mail, then rfc822Mailbox and if not found it uses dummy address unknown@unknown.invalid

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.