Changeset

1987:6d7699eda594

mod_auth_ldap: Change default of ldap_scope from onelevel to subtree which seems to match many deployments
author Kim Alvefur <zash@zash.se>
date Sun, 20 Dec 2015 21:55:49 +0100
parents 1986:9e268b4fba08
children 1994:f263fcf1b0ed
files mod_auth_ldap/README.markdown mod_auth_ldap/mod_auth_ldap.lua
diffstat 2 files changed, 2 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/mod_auth_ldap/README.markdown	Sun Dec 20 18:58:09 2015 +0100
+++ b/mod_auth_ldap/README.markdown	Sun Dec 20 21:55:49 2015 +0100
@@ -37,7 +37,7 @@
   ldap\_rootdn     The distinguished name to auth against                                                                                 `"" (anonymous)`
   ldap\_password   Password for rootdn                                                                                                    `""`
   ldap\_filter     Search filter, with `$user` and `$host` substituded for user- and hostname                                             `"(uid=$user)"`
-  ldap\_scope      Search scope. other values: "base" and "subtree"                                                                       `"onelevel"`
+  ldap\_scope      Search scope. other values: "base" and "onelevel"                                                                      `"subtree"`
   ldap\_tls        Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported.   `false`
   ldap\_mode       How passwords are validated.                                                                                           `"bind"`
 
--- a/mod_auth_ldap/mod_auth_ldap.lua	Sun Dec 20 18:58:09 2015 +0100
+++ b/mod_auth_ldap/mod_auth_ldap.lua	Sun Dec 20 21:55:49 2015 +0100
@@ -9,7 +9,7 @@
 local ldap_rootdn = module:get_option_string("ldap_rootdn", "");
 local ldap_password = module:get_option_string("ldap_password", "");
 local ldap_tls = module:get_option_boolean("ldap_tls");
-local ldap_scope = module:get_option_string("ldap_scope", "onelevel");
+local ldap_scope = module:get_option_string("ldap_scope", "subtree");
 local ldap_filter = module:get_option_string("ldap_filter", "(uid=$user)"):gsub("%%s", "$user", 1);
 local ldap_base = assert(module:get_option_string("ldap_base"), "ldap_base is a required option for ldap");
 local ldap_mode = module:get_option_string("ldap_mode", "bind");