22 Feb
2007
22 Feb
'07
2:02 p.m.
On Thu, 2007-02-22 at 12:19 +0100, Joseba Torre wrote:
- I'm using auth_bind and auth_bind_userdn. So pass_filter isn't used, and pass_attrs are never searched. Is this true or am I missing something?
That's true.
For me, the perfect state would be: prefetched
- bind using the user supplied dn
- if successfull, search for pass_attrs, where some user_attrs may be
- unbind
- userdb only binds if some needed attrs haven't been already fetched. If so, there's a choice to use the user supplied dn for the bind/search.
What if you just didn't use auth_bind_userdn, put all the attributes in pass_attrs and use userdb prefetch?
I think that should work as long as you're not using deliver, which requires userdb-only query (but then if you don't need the private fields use userdb prefetch and userdb ldap).