On 20 Nov 2023, at 12:26, Ruediger Pluem <rpl...@apache.org> wrote: > Or we need to ensure that authn_ldap_build_filter is NULL safe and returns in > a sensible way if user == NULL.
This is the option we need I think - it’s possible that ldapsearch could be used without a user. Regards, Graham —