linux-traipu team mailing list archive

Thread
Date

[Bug 932837] Re: FEATURE REQUEST: Add "wholeSubtree search capabilities in auth-ldap

To: linux-traipu@xxxxxxxxxxxxxxxxxxx
From: Theodotos Andreou <932837@xxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Feb 2012 16:10:31 -0000
Reply-to: Bug 932837 <932837@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** Description changed:

  Currently the auth-ldap only supports singleLevel search
  (LDAP_SCOPE_ONELEVEL) which is not very useful for organisations with
  complicated structure. For example in our university each department has
- it's own OU and the users lie under their respective OU. So there is a
+ it's own OU and the users lie under their respective OUs. So there is a
  need for hierarchical searching under a common Base-Dn
  
  According to the auth-ldap doc page:
  
  "The option LDAP_SCOPE_ONELEVEL option is used when searching the LDAP
  directory. This means you must specify the full base-dn. For instance,
  if you have users defined in the dn ou=people,dn=example,dn=com
  authentication will fail if you only specify dn=example,dn=com. A
  consequence of this is that all your Drizzle users must belong to the
  same LDAP organizationalUnit.
  
  This is currently a fixed option and can only be changed by editing
  source code. However, there is no reason why it couldn’t be a
  configurable option to also allow multi level searches. Please contact
  the Drizzle developers if you have such needs. (See Help and Support)"
  
  So here I am requesting for multi level searches (wholeSubtree) support
  for auth-ldap if  it's not to hard to implement.

-- 
You received this bug notification because you are a member of UBUNTU -
AL - BR, which is subscribed to Drizzle.
https://bugs.launchpad.net/bugs/932837

Title:
  FEATURE REQUEST: Add "wholeSubtree search capabilities in auth-ldap

Status in A Lightweight SQL Database for Cloud Infrastructure and Web Applications:
  New

Bug description:
  Currently the auth-ldap only supports singleLevel search
  (LDAP_SCOPE_ONELEVEL) which is not very useful for organisations with
  complicated structure. For example in our university each department
  has it's own OU and the users lie under their respective OUs. So there
  is a need for hierarchical searching under a common Base-Dn

  According to the auth-ldap doc page:

  "The option LDAP_SCOPE_ONELEVEL option is used when searching the LDAP
  directory. This means you must specify the full base-dn. For instance,
  if you have users defined in the dn ou=people,dn=example,dn=com
  authentication will fail if you only specify dn=example,dn=com. A
  consequence of this is that all your Drizzle users must belong to the
  same LDAP organizationalUnit.

  This is currently a fixed option and can only be changed by editing
  source code. However, there is no reason why it couldn’t be a
  configurable option to also allow multi level searches. Please contact
  the Drizzle developers if you have such needs. (See Help and Support)"

  So here I am requesting for multi level searches (wholeSubtree)
  support for auth-ldap if  it's not to hard to implement.

To manage notifications about this bug go to:
https://bugs.launchpad.net/drizzle/+bug/932837/+subscriptions

References

[Bug 932837] [NEW] FEATURE REQUEST: Add "wholeSubtree search capabilities in auth-ldap
From: Theodotos Andreou, 2012-02-15