diff options
author | jim-p <jimp@pfsense.org> | 2010-10-27 13:09:54 -0400 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2010-10-27 13:11:16 -0400 |
commit | 64ce9d72026e798ccaec42ffa68d74ec21c0c993 (patch) | |
tree | b02e8e62ed15f78697e43bd5ac55ef2ed27c8fad | |
parent | b019222ac2bdce1b93895fb03310bd900010c709 (diff) | |
download | pfsense-64ce9d72026e798ccaec42ffa68d74ec21c0c993.zip pfsense-64ce9d72026e798ccaec42ffa68d74ec21c0c993.tar.gz |
Do not require LDAP search base DN. Requiring this can prevent some valid LDAP configurations from properly authenticating. (See GDD-550841).
-rw-r--r-- | etc/inc/auth.inc | 2 | ||||
-rw-r--r-- | usr/local/www/system_authservers.php | 5 |
2 files changed, 3 insertions, 4 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 9c448be..13ca678 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -936,7 +936,7 @@ function ldap_backed($username, $passwd, $authcfg) { else $ldapfunc = "ldap_search"; /* Support legacy auth container specification. */ - if (stristr($ldac_split, "DC=")) + if (stristr($ldac_split, "DC=") || empty($ldapbasedn)) $search = @$ldapfunc($ldap,$ldac_split,$ldapfilter); else $search = @$ldapfunc($ldap,"{$ldac_split},{$ldapbasedn}",$ldapfilter); diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index fc7cef0..8a18ed6 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -147,7 +147,7 @@ if ($_POST) { if ($pconfig['type'] == "ldap") { $reqdfields = explode(" ", "name type ldap_host ldap_port ". - "ldap_urltype ldap_protver ldap_scope ldap_basedn ". + "ldap_urltype ldap_protver ldap_scope ". "ldap_attr_user ldap_attr_group ldap_attr_member ldapauthcontainers"); $reqdfieldsn = array( gettext("Descriptive name"), @@ -157,7 +157,6 @@ if ($_POST) { gettext("Transport"), gettext("Protocol version"), gettext("Search level"), - gettext("Search Base DN"), gettext("User naming Attribute"), gettext("Group naming Attribute"), gettext("Group member attribute"), @@ -507,7 +506,7 @@ function select_clicked() { </td> </tr> <tr> - <td width="22%" valign="top" class="vncellreq"><?=gettext("Search scope");?></td> + <td width="22%" valign="top" class="vncell"><?=gettext("Search scope");?></td> <td width="78%" class="vtable"> <table border="0" cellspacing="0" cellpadding="2"> <tr> |