Kevin Falcone wrote:
I noticed that the info for LDAP when using ExternalAuth mentions that you MUST have a d
My quick question is why? If my regular filter is working, anyone not meeting that
specification will be denied anyway, so why the must for the d filter?
It’s just part of the way it’s designed and the way LDAP filters are
generated. It’s not brilliant, but it works well.
If you don’t need it, make it the empty string
Have you tested that? I haven’t checked within living memory, but my
general recommendation is to use something like (objectClass=ScoobyDoo)
so you guarantee not to match. I’m not sure than an empty string won’t
cause a syntax failure on lookup.
Mike Peachey, IT Systems Administrator
Tel: +44 114 281 2655
Fax: +44 114 281 2951
Jennic Ltd, Furnival Street, Sheffield, S1 4QT, UK
Comp Reg No: 3191371 - Registered In England