On 20 Nov 2023, at 15:32, Yann Ylavic <ylavic....@gmail.com> wrote: > OK, I drop a new v3 here just in case and let those who know how LDAP > authn/authz work take whatever :) > This is just to show that there is some room for > factorization/disambiguation in this code.. > > > Regards; > Yann. > <ldapsearch_check_authorization-v3.diff>
Just tested this, and it appears to work fine. One tiny detail, these is a logging line that refers to ldap-filter inside ldap-search, but other than that, +1. + "auth_ldap authorize: require ldap-filter: user's DN " Regards, Graham —