Closed robin-thoni closed 4 years ago
You are welcome!
I think it is required to add matching rule to the LDAP server to have filtering working per particular attribute. You did it finally, so, it is working now.
Moreover, every matching rule has to have its index. Therefore it consumes memory.
It is up to LDAP admin to define what attributes have to be indexed.
I was just thinking that filtering on userPrincipalName
is pretty important in an AD, so it could be included by default to avoid others the struggle :)
Done.
First, thank you so much for this work, it helped me A LOT.
I encountered a strange thing, which is I can not filter on
userPrincipalName
attribute:(userPrincipalName=robin.thoni@xxx)
was not giving any result, but(userPrincipalName=*)
was returning all object with auserPrincipalName
attribute...I added
EQUALITY caseIgnoreMatch
to theuserPrincipalName
attribute, and now it works.Maybe you have a better fix? Anyway, I think filtering on
userPrincipalName
is pretty important, so maybe you should include it...