Closed xperseguers closed 3 years ago
To be honest, looking into the code again i stumble once more on
$domain = null
if (!Configuration::getValue('SSOKeepDomainName')) {
$domain = 'whatever';
}
// if NOT SSOKeepDomainName, then pass it along (in order to keep/check it?)
if you wan't to keep the SSO domain, get it from remote user and pass it along, enabling a check from domain and baseDN in user record. If not, don't pass it, don't check it...
Are you with me? ;)
I'm not with you since I don't get exactly what you mean, please provide a patch in your description so that it's clear what you mean.
Not really, I don't know if that really feasible but you could possibly have a username in your AD (or OpenLDAP maybe?) which needs to have a @some-domain
in its username while checking against another arbitrary DC in your binding.
The added case for checking the domain against the DC has been added in order for work with AD forests.
Resolves: #119