I know what the DN is and found no way to avoid the search uid=xxx
There's some little improvements todo I think.
Tomasz Wolniewicz a Ãcrit :
I am using the groupmembership_attribute to add users to certain groups, unfortunately rlm_ldap will always also run a subtree search using the groupmembership_filter, which for my case is completely useless. From what I see in the code, there seems to be no way to switch this search off. Would it not be a good idea to allow the user to set this filter (or perhaps the groupname_attribute) to something like NONE that would tell rlm_ldap not to bother? Saving one unnecessary search over possibly a large tree could be worth the bother. To make things easier I have set up the groupmembership_filter to (objecClass = nosuchclass), this way with indexing over the object class the negative reply to this search should be quick enough, but still I would prefer to simply save this extra call.
Perhaps there is some way that I have overlooked?
Yours Tomasz
--
Dominique LALOT IngÃnieur SystÃme RÃseau CISCAM Pole RÃseau
Università de la MÃditerranÃe http://annuaire.univ-mrs.fr/showuser.php?uid=lalot
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
