My use of search then bind is searching for a non-DN "user ID" (like UID or
mail, which is presumably unique) then binding witht he retrieved DN and
password. Can you imagine making people type in X.500-style user names????
Martin
Torgeir Veimo wrote:
> John Holman wrote:
> >
> > As said before I'd like to add the ability to search the directory for the
> > user's dn to cover cases when a fixed pattern will not work, but will wait
> > to see the fate of this patch before going ahead.
>
> Regarding the "search, then bind" authentication; what would be the
> suggested behaviour when there are more than one returned dn from the
> search? Should one try to authenticate as each of these, or
> automatically assume not authenticated?
>
> --
> - Torgeir
