Re: More flexible LDAP auth search filters?

On Sat, Sep 9, 2017 at 3:36 AM, Peter Eisentraut
<peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
> For additional entertainment I have written a test suite for this LDAP
> authentication functionality. It's not quite robust enough to be run by
> default, because it needs a full OpenLDAP installation, but it's been
> very helpful for reviewing this patch. Here it is.

Very nice!

+if ($^O eq 'darwin')
+{
+ $slapd = '/usr/local/opt/openldap/libexec/slapd';
+ $ldap_schema_dir = '/usr/local/etc/openldap/schema';
+}

I'm guessing this is the MacPorts location, and someone from that
other tribe that uses Brew can eventually post a patch to make this
look in more places.

+my $ldap_port = int(rand() * 16384) + 49152;

Hmm. I guess ldapi (Unix domain sockets) would be less roulette-like,
but require client side support too.

Here's a change I needed to make to run this here. It seems that to
use "database mdb" I'd need to add a config line to tell it the path
to load back_mdb.so from. I could have done, but I noticed that if I
tell it to use raw ldif files instead it's happy. Does this still
work for you on the systems you tested?

--
Thomas Munro
http://www.enterprisedb.com