Sun Java System Federation Manager 7.0 User's Guide

Return User DN on Authentication

When the Federation Manager directory is the same as the directory configured for MSDISN, this option may be enabled. If enabled, this option allows the authentication module to return the DN instead of the User ID, and no search is necessary. Normally, an authentication module returns only the User ID, and the authentication service searches for the user in the local Federation Manager. If an external directory is used, this option is typically not enabled.