On Thu, Jul 08, 2010 at 11:50:45AM -0700, Kenneth Crocker wrote: > I noticed that the info for LDAP when using ExternalAuth mentions that you > MUST have a d > filter defined. > > My quick question is why? If my regular filter is working, anyone not > meeting that > specification will be denied anyway, so why the must for the d filter?
d_filter does not stand for denied filter, it stands for disabled filter "The filter that will only match disabled users" If you leave it as the default there will be errors If you set it to the same as your filter, everyone will be marked disabled. If you don't need it, make it the empty string -kevin
pgpQAC7aijqE5.pgp
Description: PGP signature
Discover RT's hidden secrets with RT Essentials from O'Reilly Media. Buy a copy at http://rtbook.bestpractical.com
