[389-users] Greedy PAM

Gerrard Geldenhuis Gerrard.Geldenhuis at betfair.com
Fri Oct 15 14:57:37 UTC 2010


Hi
Not strictly a 389 question but maybe 389 offers a solution.

I have a tree structure as follows:
dc=company
ou=people,dc=company
ou=groups,dc=company

On my client the I have the following searchbase in /etc/ldap.conf
dc=company

If I login as user gerrard and look at the network traffic then every possible user is send to the client. This is not a problem yet but would be a problem on a slow link or with lots of users.

Changing the base to ou=people,dc=company works in that the search results returned is way smaller, but breaks everything else because group membership is not in that base.

Is there a way to dynamically have search basis when queries for certain data is done. How do you configure clients to be more selective when doing searches against a ldap directory.

Regards

________________________________________________________________________
In order to protect our email recipients, Betfair Group use SkyScan from 
MessageLabs to scan all Incoming and Outgoing mail for viruses.

________________________________________________________________________



More information about the 389-users mailing list