[rt-users] LDAP d filter question

Kevin Falcone falcone at bestpractical.com
Thu Jul 8 18:01:40 EDT 2010


On Thu, Jul 08, 2010 at 11:50:45AM -0700, Kenneth Crocker wrote:
>    I noticed that the info for LDAP when using ExternalAuth mentions that you MUST have a d
>    filter defined.
> 
>    My quick question is why? If my regular filter is working, anyone not meeting that
>    specification will be denied anyway, so why the must for the d filter?

d_filter does not stand for denied filter, it stands for disabled
filter

"The filter that will only match disabled users"

If you leave it as the default there will be errors
If you set it to the same as your filter, everyone will be marked disabled.

If you don't need it, make it the empty string

-kevin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
URL: <http://lists.bestpractical.com/pipermail/rt-users/attachments/20100708/c18c3710/attachment.sig>


More information about the rt-users mailing list