Based on #1 we can validate DN's. However the search bases as specified in sssd.conf have additional parameters and also multiple search bases like search_base[?scope?[filter][?search_base?scope?[filter]]*].
It should be possible to create an SSSD-specific validation function that uses the bodgitlib-provided validate_ldap_dn and validate_ldap_filter functions and then it just needs to validate the scope values itself and that the whole string conforms to the right format.
Based on #1 we can validate DN's. However the search bases as specified in
sssd.conf
have additional parameters and also multiple search bases likesearch_base[?scope?[filter][?search_base?scope?[filter]]*]
.It should be possible to create an SSSD-specific validation function that uses the bodgitlib-provided
validate_ldap_dn
andvalidate_ldap_filter
functions and then it just needs to validate the scope values itself and that the whole string conforms to the right format.