lib/Auth

Jeroen van Meeuwen vanmeeuwen at kolabsys.com
Mon Sep 17 15:56:59 CEST 2012


 lib/Auth/LDAP.php |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

New commits:
commit 19606b44245756510d0bea1299145ab4d1c3d758
Author: Jeroen van Meeuwen (Kolab Systems) <vanmeeuwen at kolabsys.com>
Date:   Mon Sep 17 14:55:48 2012 +0100

    Correct default set of ACIs for new domain name spaces

diff --git a/lib/Auth/LDAP.php b/lib/Auth/LDAP.php
index 858c422..e15b266 100644
--- a/lib/Auth/LDAP.php
+++ b/lib/Auth/LDAP.php
@@ -1224,7 +1224,7 @@ class LDAP extends Net_LDAP3 {
                         $_aci,
 
                         // Search Access,
-                        "(targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $inetdomainbasedn . "\");)",
+                        "(targetattr = \"*\") (version 3.0;acl \"Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $inetdomainbasedn . "??sub?(objectclass=*)\");)",
 
                         // Service Search Access
                         "(targetattr = \"*\") (version 3.0;acl \"Service Search Access\";allow (read,compare,search)(userdn = \"ldap:///" . $service_bind_dn . "\");)",





More information about the commits mailing list