|
A few improvements could be made to the log output from LDAP Authorization
- Failure to map authentication names to LDAP DNs should output the full trace of every rule that was attempted.
- LDAP name mapping rule failures should show the actual query that was executed and the failure reason
- Forgetting ldap:// yields bad parameter to ldap_ routines. We should catch this up front.
- We should try and minimize the number of reported errors when LDAP bind fails
- Provide a better message for invalid scope types
- Expected to find exactly one LDAP entity message should include the query
|