Project

General

Profile

Actions

Feature #3410

closed

Patch: Add Apple Open Directory memberUid support in group lookup

Added by Daniel Hazelbaker about 10 years ago. Updated over 7 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
Category:
User Manager / Privileges
Target version:
-
Start date:
01/23/2014
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:

Description

This is a patch that adds compatibility to do memberUid style lookups used in Apple's Open Directory. Specifically, when the user record does not contain any "reverse" group information. The ldap_get_groups function is modified to have a dual-search filter, it looks for user account(s) that match as well as group's whose memberUid (or rather the group membership variable defined by the user) has the username.

I have been able to test against OS X Server 10.9 and it works as expected. While the original functionality should still work, I do not have any LDAP servers that are configured that way so I cannot test. If somebody can test that I would love to hear if it is working or not.

Attached is the diff containing the changes.


Files

auth.inc.diff (3.04 KB) auth.inc.diff Daniel Hazelbaker, 01/23/2014 09:29 PM
Actions

Also available in: Atom PDF