lib/Auth
Jeroen van Meeuwen
vanmeeuwen at kolabsys.com
Thu Jun 21 12:18:20 CEST 2012
lib/Auth/LDAP.php | 7 +++++++
1 file changed, 7 insertions(+)
New commits:
commit 16e7ac502a35b69f00fc71619ad0f536d99e0152
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date: Thu Jun 21 11:17:55 2012 +0100
Add root dn aci for service account from primary domain name space (#851)
diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 7007007..8d0feb7 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -1879,6 +1879,11 @@ class LDAP
$_aci = $aci;
}
+ $service_bind_dn = $conf->get('ldap', 'service_bind_dn');
+ if (empty($service_bind_dn)) {
+ $service_bind_dn = $conf->get('ldap', 'bind_dn');
+ }
+
$dn = $inetdomainbasedn;
$attrs = Array(
# TODO: Probably just use ldap_explode_dn()
@@ -1906,6 +1911,8 @@ class LDAP
# Search Access,
"(targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $inetdomainbasedn . "\");)",
+ # Service Search Access
+ "(targetattr = \"*\") (version 3.0;acl \"Service Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $service_bind_dn . "\");)",
),
);
More information about the commits
mailing list