12 Apr
2007
12 Apr
'07
8:42 p.m.
Ryan Kramer wrote:
Apparently something in the ldap_escape_func is broken when talking to Microsoft AD.
The code does not distinguish between Microsoft AD and other LDAP servers.
I replaced the code of that function with the much more lenient code of the 1.0.1 ldap_escape_func, and it works great with MS LDAP now!
I'm curious to know what your queries are, and if you're doing the double queries I suspect. I think that the problem can better be solved by understanding it, rather than by removing the restrictions that prevent people from attacking your LDAP server. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog