I was planning to fail authentication if more than one entry is found.
At 09:58 16/05/01, you wrote:
>John Holman wrote:
> >
> > As said before I'd like to add the ability to search the directory for the
> > user's dn to cover cases when a fixed pattern will not work, but will wait
> > to see the fate of this patch before going ahead.
>
>Regarding the "search, then bind" authentication; what would be the
>suggested behaviour when there are more than one returned dn from the
>search? Should one try to authenticate as each of these, or
>automatically assume not authenticated?
>
>--
>- Torgeir