[rt-users] LDAP d filter question
Mike Peachey
mike.peachey at jennic.com
Fri Jul 9 03:55:11 EDT 2010
Kevin Falcone wrote:
> On Thu, Jul 08, 2010 at 11:50:45AM -0700, Kenneth Crocker wrote:
>> I noticed that the info for LDAP when using ExternalAuth mentions that you MUST have a d
>> filter defined.
>>
>> My quick question is why? If my regular filter is working, anyone not meeting that
>> specification will be denied anyway, so why the must for the d filter?
It's just part of the way it's designed and the way LDAP filters are
generated. It's not brilliant, but it works well.
> If you don't need it, make it the empty string
>
> -kevin
Have you tested that? I haven't checked within living memory, but my
general recommendation is to use something like (objectClass=ScoobyDoo)
so you guarantee not to match. I'm not sure than an empty string won't
cause a syntax failure on lookup.
--
Kind Regards,
__________________________________________________
Mike Peachey, IT Systems Administrator
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England
http://www.jennic.com
__________________________________________________
More information about the rt-users
mailing list