https://bz.apache.org/bugzilla/show_bug.cgi?id=65168
--- Comment #6 from Eric Covener <[email protected]> --- (In reply to Avi from comment #5) > (In reply to Eric Covener from comment #4) > > (In reply to Avi from comment #3) > > > In PHP I try binding using either "dummy" (samAccountName), > > > "[email protected]" > > > (userPrincipalName) or "corp\dummy" (netbios\samAccountName) formats, > > > until > > > it binds, and it works regardless of the user's displayName attribute > > > value > > > (as previously mentioned). > > > > > > And the problem with AuthLDAPInitialBindPattern is that in many ADs, the > > > relevant users might not fit the pattern and will not be able to login, > > > that's why I removed it at some point because it wasn't working as > > > expected. > > > > > > any thoughts? what does this mean if I want to continue using LDAP to > > > access my server? > > > > > > httpd can't try multiple derivatives of the name the user types. The only > > other option you have with httpd is to let the server search for the users > > distinguished name. > > I'm not quite sure what you're suggesting, I couldn't find reference in > https://httpd.apache.org/docs/2.4/mod/mod_authnz_ldap.html to searching for > users DN during authentication, only after (during authorization). > can you maybe give a config example? thanks! Sorry I only meant here the default behavior without AuthLDAPInitialBindAsUser . The server maps usernames to a DN using a search. -- You are receiving this mail because: You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
