https://bz.apache.org/bugzilla/show_bug.cgi?id=65168
--- Comment #5 from Avi <[email protected]> --- (In reply to Eric Covener from comment #4) > (In reply to Avi from comment #3) > > In PHP I try binding using either "dummy" (samAccountName), "[email protected]" > > (userPrincipalName) or "corp\dummy" (netbios\samAccountName) formats, until > > it binds, and it works regardless of the user's displayName attribute value > > (as previously mentioned). > > > > And the problem with AuthLDAPInitialBindPattern is that in many ADs, the > > relevant users might not fit the pattern and will not be able to login, > > that's why I removed it at some point because it wasn't working as expected. > > > > any thoughts? what does this mean if I want to continue using LDAP to > > access my server? > > > httpd can't try multiple derivatives of the name the user types. The only > other option you have with httpd is to let the server search for the users > distinguished name. I'm not quite sure what you're suggesting, I couldn't find reference in https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html to searching for users DN during authentication, only after (during authorization). can you maybe give a config example? thanks! -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
