> > $ldap_group_dn = "CN=Packetfence Admins,CN=Users,DC=school,DC=edu"; > Are you using nested groups? I don't think the perl lib is able to do > recursive search. Try to put your user straight in that group.
I thought PF already did this. Must be some other package I was looking at recently. You could recurse at the client end. If you're running RHEL/CENTOS 6, you have sample code at /usr/share/doc/perl-LDAP-0.40/contrib/isMember.pl Or, you could use an LDAP control to request recursion at the server. Instead of (member=cn=user1,cn=users,DC=x), ask for: (member:1.2.840.113556.1.4.1941:=cn=user1,cn=users,DC=x) see http://msdn.microsoft.com/en-us/library/aa746475%28VS.85%29.aspx ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ PacketFence-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/packetfence-users
