Yes, it's a safe procedure and it is a good place to change your configuration
Using LDAP plugin in Plone: is it safe to substitute: cn attribute with: displayName, mapped to: fullname?
Question
I'm using Active Directory as authentication source in a Plone4 site, with plone.app.ldap.
In the settings I'm using sAMAccountName for user id, but the cn attribute does not contain user fullname information, which instead is provided by the attribute: displayName
To display the correct fullname, in ZMI > ldap-plugin > LDAP Schema, I've deleted cn attribute, and added: displayName, mapped to: fullname. Now everything seems to be working fine in my test enviroment: just wondering if this is the correct pratice.
Solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow