Hi Ondrej Am 14.04.25 um 18:19 schrieb Ondřej Kuzník:
Hi Stefan, hard to tell but it might be down to ACLs, if you want to use LDAP URIs for user selection, there is an internal search that is run and it needs `auth` privileges to run. You probably need to run with acl logs enabled and check that your ACLs are not standing in the way of that.
Again, you pushed me in the right direction. We already set the ACL for "uid" and "entry" to auth, but in this case we need KerberosPrincipalName in the same ACL. Reading your answer pushes me in the right direction :-)
Thank you Stefan
OpenPGP_0x52F6D4DD1BB68AB5.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
