Hello Tim, thank you for your answer. In case you ever want to improve LDAP support, I would have some addditional wishes:
a) the uid field should be used for a subtree filter query rather then for composing the RDN in form "uid=$1,..." since some directory services (as ours) won't use DN's starting with "uid=" b) allow empty base DN, because possibly you have users in distinct parts of the DIT, i.e. starting with c=de, c=us, c=fr ... c) support groups. I might wish not to give all user the right to access but limiting it to a certain group which member DN's will have access d) use displayName rather than cn for the user's name t-M -- Matthias Löbe, Inst. for Medical Informatics (IMISE), University of Leipzig Härtelstr. 16, D-04107 Leipzig, +49 341 97 16113, lo...@imise.uni-leipzig.de
