diff options
author | Andrew MacIsaac <andrew.macisaac@sparkintegration.com> | 2013-04-02 11:36:23 -0700 |
---|---|---|
committer | Andrew MacIsaac <andrew.macisaac@sparkintegration.com> | 2013-04-02 11:36:23 -0700 |
commit | 3d3081ecbb6e8a8403a3a67eabb271fcab87f8c5 (patch) | |
tree | c99a3b7cf152262715230ff92e9536f221b09b47 /etc | |
parent | 068e6891e2c2c03a427e477d03d309e1f9d47255 (diff) | |
download | pfsense-3d3081ecbb6e8a8403a3a67eabb271fcab87f8c5.zip pfsense-3d3081ecbb6e8a8403a3a67eabb271fcab87f8c5.tar.gz |
Set LDAP option to dereference aliases when searching
Diffstat (limited to 'etc')
-rw-r--r-- | etc/inc/auth.inc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index c78b063..afddc5b 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -739,6 +739,7 @@ function ldap_test_bind($authcfg) { } ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); if ($ldapanon == true) { @@ -809,6 +810,7 @@ function ldap_get_user_ous($show_complete_ou=true, $authcfg) { $ldapfilter = "(|(ou=*)(cn=Users))"; ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); if ($ldapanon == true) { @@ -919,6 +921,7 @@ function ldap_get_groups($username, $authcfg) { } ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); /* bind as user that has rights to read group attributes */ @@ -1042,6 +1045,7 @@ function ldap_backed($username, $passwd, $authcfg) { ldap_setup_caenv($authcfg); ldap_set_option($ldap, LDAP_OPT_REFERRALS, 0); + ldap_set_option($ldap, LDAP_OPT_DEREF, LDAP_DEREF_SEARCHING); ldap_set_option($ldap, LDAP_OPT_PROTOCOL_VERSION, (int)$ldapver); /* Make sure we can connect to LDAP */ |