9 Dec
2005
9 Dec
'05
2:20 p.m.
From reading debug logs, am I correct in concluding that rlm_ldap's behavior:
- when processing authorize{ } is to bind to the LDAP as the provided administrative DN and search for the DN of the user in the Access-Request packet
- when processing authenticate{ } is to, if successful during authorize, then re-bind to the LDAP using the provided username and password and return Access-Accept only if the bind-as-the-user succeeds?
Correct, as the default behavior?
Sounds right to me.