> On Mar 30, 2017, at 8:36 PM, pandorasbox55 <pandorasbo...@outlook.com> wrote:
>
> From what I have read, setting the /domain/ in the LDAP table should be what
> I need
That's correct. With "domain" set, only lookup keys of the form
"u...@example.com"
where "example.com" is listed in the "domain" list will be looked up. All other
lookup keys will bypass LDAP and return no result.
> but I can't seem to get it to work.
And yet that's how it works, so perhaps you're not interpreting your
observations correctly. Also with multiple tables defined, some of
the tables may be missing the "domain" constraint, and these will
generate the unwanted queries.
> Here's a sample of one of my LDAP alias tables:
>
> server_host = [server:port]
> version = 3
> timeout = 5
> search_base = [ldapsearchbase]
> domain = my.domain.com
This is correct and sufficient.
--
Viktor.
