Software /
code /
prosody-modules
Changeset
1987:6d7699eda594
mod_auth_ldap: Change default of ldap_scope from onelevel to subtree which seems to match many deployments
author | Kim Alvefur <zash@zash.se> |
---|---|
date | Sun, 20 Dec 2015 21:55:49 +0100 |
parents | 1986:9e268b4fba08 |
children | 1994:f263fcf1b0ed |
files | mod_auth_ldap/README.markdown mod_auth_ldap/mod_auth_ldap.lua |
diffstat | 2 files changed, 2 insertions(+), 2 deletions(-) [+] |
line wrap: on
line diff
--- a/mod_auth_ldap/README.markdown Sun Dec 20 18:58:09 2015 +0100 +++ b/mod_auth_ldap/README.markdown Sun Dec 20 21:55:49 2015 +0100 @@ -37,7 +37,7 @@ ldap\_rootdn The distinguished name to auth against `"" (anonymous)` ldap\_password Password for rootdn `""` ldap\_filter Search filter, with `$user` and `$host` substituded for user- and hostname `"(uid=$user)"` - ldap\_scope Search scope. other values: "base" and "subtree" `"onelevel"` + ldap\_scope Search scope. other values: "base" and "onelevel" `"subtree"` ldap\_tls Enable TLS (StartTLS) to connect to LDAP (can be true or false). The non-standard 'LDAPS' protocol is not supported. `false` ldap\_mode How passwords are validated. `"bind"`
--- a/mod_auth_ldap/mod_auth_ldap.lua Sun Dec 20 18:58:09 2015 +0100 +++ b/mod_auth_ldap/mod_auth_ldap.lua Sun Dec 20 21:55:49 2015 +0100 @@ -9,7 +9,7 @@ local ldap_rootdn = module:get_option_string("ldap_rootdn", ""); local ldap_password = module:get_option_string("ldap_password", ""); local ldap_tls = module:get_option_boolean("ldap_tls"); -local ldap_scope = module:get_option_string("ldap_scope", "onelevel"); +local ldap_scope = module:get_option_string("ldap_scope", "subtree"); local ldap_filter = module:get_option_string("ldap_filter", "(uid=$user)"):gsub("%%s", "$user", 1); local ldap_base = assert(module:get_option_string("ldap_base"), "ldap_base is a required option for ldap"); local ldap_mode = module:get_option_string("ldap_mode", "bind");