| Request | LDAP User Folder -- bug report -- by Eugeny Korekin |
| Posted on | Mar 27, 2003 10:20 am |
| Subscribe |
| Resolve by Jens Vagelpohl on Jul 30, 2005 4:03 pm | |
|
It's taken a long time but I have revised my stance on this issue. It is probably more confusing to the admin if users he can find from the ZMI search interface cannot log in, because it is not obvious that the object classes might differ. The fix is in CVS now and will be in LDAPUserFolder 2.6beta3. jens |
|
|
|
| Reject by Jens Vagelpohl on Mar 29, 2003 11:16 pm | |
|
i disagree, and here is why: - the "Find User" functionality is simply not designed to be super-precise, it is just a convenience helper but not a full-featured search engine. - i believe in erring on the side of showing too many search results rather than too little. there is also the danger that not all records actually have the same objectclasses assigned to it. think about a directory where the schema changed over the years. so restrincting by the user objectclasses that are configured into the LDAPUserFolder would never show records that do not adhere to the same schema. jens |
|
|
|
| Initial Request by Eugeny Korekin on Mar 27, 2003 10:21 am | |
|
'Find existing users' finds entries with filter cn=searchterm, so it finds not only users, but all entries, which has 'cn' attr. I think user_objectclasses should be added to that field. |
