When the binding method selected is Anonymous authentication or Client
authentication, the initial bind to the LDAP server is followed by a search
request aimed at retrieving specific information about the user, including the
user's DN, login permissions, and group ownerships. In order to retrieve this
information, the search request must specify the attribute name used to
represent userids on that server. Specifically, this name is used as a search
filter against the login id entered by the user. This attribute name is
configured here. If this field is left blank, a default of uid is used during
For example, on Active Directory servers, the attribute name used for userids
is often sAMAccoutName.
When the binding method selected is UPN or Strict UPN, this field defaults
automatically to userPrincipalName during user authentication if the userid
entered has the form userid@somedomain.