kraigu / ninfo-plugin-ldap

LDAP plugin for ninfo

default configuration insufficient #1

Open kraigu opened 10 years ago

kraigu commented 10 years ago

The configuration values and search params I inherited from Justin are insufficient for non-OpenLDAP searches. I'm searching against Active Directory here.

First, the bind username is set in the current plugin version to "uid=(configuration username),(configuration dsn)" - here it needs to be simply the username, no DSN. E.g., instead of "uid=kraigu@domain.name,dc=domain,dc=name" it needs to be "kraigu@domain.name".

Second, the default search is "uid=arg". Here, it needs to be "SAMAccountName=arg".

Proposal: 1) modify the plugin so the bind username is only what's stipulated by "user=" in the config file. 2) add a config option "search" that will contain the prefix (or whatever it's called in LDAP speak). uid=, SAMAccountName=, whatever.

JustinAzoff commented 10 years ago

1 sounds good. For 2 you might want to make it take a format string...

search = uid=%s

since I'm not sure if a prefix would count for all use cases. Would there be a reason someone would want the search to be

search = uid=%s,foo=bar
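With a `search` format string as suggested in the thread, the lookup argument is substituted into an LDAP filter, so it needs RFC 4515 escaping first or filter metacharacters in the argument change the query. The sketch below is an added example, not the plugin's code; the function names and the `user` config key handling are assumptions for illustration.

```python
# Added example: build_filter, bind_name and escape_filter_value are
# hypothetical helpers, not part of ninfo-plugin-ldap.

# RFC 4515 section 3: these characters must appear as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape a user-supplied value for use inside an LDAP search filter."""
    # Character-by-character mapping avoids double-escaping the backslash.
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def build_filter(template, arg):
    """Fill a 'search' template such as 'uid=%s' with one escaped argument."""
    # Reject templates with zero or several placeholders, or a stray '%'.
    if template.count("%s") != 1 or "%" in template.replace("%s", ""):
        raise ValueError("search template must contain exactly one %s")
    body = template.replace("%s", escape_filter_value(arg))
    # Wrap in parentheses when the config value omits them, as 'uid=%s' does.
    return body if body.startswith("(") else "(" + body + ")"


def bind_name(config):
    """Return the bind identity exactly as configured under 'user'.

    Follows proposal 1 in the thread: no 'uid=' prefix and no DSN suffix
    are added, so a full DN and an AD-style user@domain both work.
    """
    return config["user"]


if __name__ == "__main__":
    # Constructed sample configuration and arguments.
    cfg = {"user": "kraigu@domain.name", "search": "SAMAccountName=%s"}
    print(bind_name(cfg))
    print(build_filter(cfg["search"], "kraigu"))
    print(build_filter(cfg["search"], "a*)(uid=*"))
```

If the plugin uses python-ldap, `ldap.filter.escape_filter_chars` performs the same escaping.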